www.ufa88s.co Open in urlscan Pro
104.21.22.195 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8...
Submission: On December 02 via manual (December 2nd 2022, 10:18:51 pm UTC) from NL — Scanned from NZ

Summary HTTP 21 Redirects Links 4 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 4 IPs in 2 countries across 3 domains to perform 21 HTTP transactions. The main IP is 104.21.22.195, located in and belongs to CLOUDFLARENET, US. The main domain is www.ufa88s.co.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2022. Valid for: a year.

This is the only time www.ufa88s.co was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
14	104.21.22.195 104.21.22.195		13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	142.251.12.94 142.251.12.94		15169 (GOOGLE) (GOOGLE)
1	142.251.12.97 142.251.12.97		15169 (GOOGLE) (GOOGLE)
21	4

14 104.21.22.195 (None, )

ASN13335 (CLOUDFLARENET, US)

www.ufa88s.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.251.12.94 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f94.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.12.97 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f97.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	ufa88s.co www.ufa88s.co	695 KB
6	gstatic.com fonts.gstatic.com	91 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	76 KB
21	3

	Domain	Requested by
14	www.ufa88s.co	www.ufa88s.co
6	fonts.gstatic.com	www.ufa88s.co
1	www.googletagmanager.com	www.ufa88s.co
21	3

This site contains links to these domains. Also see Links.

Domain
member.ufa88s.co
lin.ee
line.me

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-29` - `2023-06-29`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Frame ID: 19BC6A997E6B9C8A0704AF2B1C8A0E71
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ป๊อกเด้งออนไลน์ 2022 ได้เงินจริง เล่นเกมไพ่ออนไลน์ ได้เงินจริง

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Elementor (Landing Page Builders) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href=(?:"|')[^"']*elementor/assets

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

21
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

3
Subdomains

4
IPs

2
Countries

862 kB
Transfer

1367 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://member.ufa88s.co/register
Title: สมัครสมาชิก

Search URL Search Domain Scan URL

URL: https://lin.ee/aWgcyyz
Title: ฝาก-ถอน

Search URL Search Domain Scan URL

URL: https://line.me/R/ti/p/@ufa88v4
Title: <img decoding="async" width="344" height="110" src="//www.ufa88s.co/wp-content/uploads/2022/01/ปุ่มสมัครดำ-01.gif" class="attachment-medium_large size-medium_large" alt="" />

Search URL Search Domain Scan URL

URL: https://member.ufa88s.co/login
Title: ฝาก - ถอน

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

21 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/ 431 KB
65 KB 1501ms
1166ms Document
text/html 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.30
Resource Hash: a692a120048d5ab6790b7b2bce0a97dac054ced22e93c7e57703bd3bcab47a6d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=2678400
cf-cache-status: MISS
cf-ray: 773770a82e3fa977-SYD
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 22:18:44 GMT
expires: Fri, 02 Dec 2022 22:18:44 GMT
last-modified: Fri, 02 Dec 2022 16:20:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOpZm1Wc%2Bhz5UGlQSZG0yIK12HtrZmrQaDLNijH58mDpmEJrA90QrjqRiBtxdvghsz4LhXfepRokN7YwZFp3wDZkDnCfyx0GPHp1dnorKlMNjL3qh%2FGdKF%2B4dgM7105Q"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,User-Agent
x-powered-by: PHP/7.4.30

GET
H2 200 eicons.woff2
www.ufa88s.co/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 91 KB
92 KB 151ms
149ms Font
font/woff2 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ufa88s.co/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.16.0
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea

Request headers

Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Origin: https://www.ufa88s.co
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5741
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 93372
last-modified: Sun, 13 Nov 2022 16:51:31 GMT
server: cloudflare
etag: "63712093-16cbc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZZ3yfV4I5e251TgUezLm21ScFXzu2l6KzWGiF55sHueTCQzANx107nJX2eYyw5srExu%2FXChFT%2FWJhJ1nMjG7SeUtZNwwr9IcZ%2FcYp1qU1YekOqtk%2BW0byomj1oFe8Tv"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 773770af7dcda977-SYD
expires: Sun, 01 Jan 2023 20:43:04 GMT

GET
H2 200 -W__XJnvUD7dzB2KdNodVkI.woff2
fonts.gstatic.com/s/prompt/v10/ 13 KB
13 KB 895ms
351ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W__XJnvUD7dzB2KdNodVkI.woff2

Requested by

Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

b3a0b2a8b1ee977665c6deaac4be3b91b2f9fd6610221ca1ae31e6cb44199f6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa88s.co/
Origin: https://www.ufa88s.co
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 09:37:11 GMT
x-content-type-options: nosniff
age: 45694
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13024
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:55:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 09:37:11 GMT

GET
H2 200 -W__XJnvUD7dzB2KYNod.woff2
fonts.gstatic.com/s/prompt/v10/ 17 KB
18 KB 814ms
270ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W__XJnvUD7dzB2KYNod.woff2

Requested by

Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa88s.co/
Origin: https://www.ufa88s.co
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 21:30:39 GMT
x-content-type-options: nosniff
age: 2886
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17640
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:46:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 21:30:39 GMT

GET
H2 200 -W_8XJnvUD7dzB2Ck_kIfWMuQ5Q.woff2
fonts.gstatic.com/s/prompt/v10/ 12 KB
13 KB 1215ms
671ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2Ck_kIfWMuQ5Q.woff2

Requested by

Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

803e3560ed65623ec04f60b65859f2eee365bd6d0f47b7534daa6492b81d5371

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa88s.co/
Origin: https://www.ufa88s.co
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 11:44:19 GMT
x-content-type-options: nosniff
age: 297266
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12760
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:41:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 11:44:19 GMT

GET
H2 200 -W_8XJnvUD7dzB2Ck_kIaWMu.woff2
fonts.gstatic.com/s/prompt/v10/ 17 KB
18 KB 1115ms
571ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2Ck_kIaWMu.woff2

Requested by

Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

e6edb55eb61bbaf02146bb62507589d688467102771c1bb7be159f77e0b33846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa88s.co/
Origin: https://www.ufa88s.co
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 18:49:08 GMT
x-content-type-options: nosniff
age: 271777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:12:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 29 Nov 2023 18:49:08 GMT

GET
H2 200 -W_8XJnvUD7dzB2C2_8IfWMuQ5Q.woff2
fonts.gstatic.com/s/prompt/v10/ 13 KB
13 KB 1280ms
736ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2C2_8IfWMuQ5Q.woff2

Requested by

Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

d9ea25116dc893d7aa59abe5ac6e9035ff1e3172746c8e86e996e123d4321b03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa88s.co/
Origin: https://www.ufa88s.co
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 15:45:22 GMT
x-content-type-options: nosniff
age: 23603
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13052
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 15:45:22 GMT

GET
H2 200 -W_8XJnvUD7dzB2C2_8IaWMu.woff2
fonts.gstatic.com/s/prompt/v10/ 18 KB
18 KB 1354ms
811ms Font
font/woff2 142.251.12.94
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/prompt/v10/-W_8XJnvUD7dzB2C2_8IaWMu.woff2

Requested by

Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.94 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f94.1e100.net

Software

sffe /

Resource Hash

e4208432ab62e4e5a5e5901bbc6db5ca3119001facc45108f137e9c5b5370352

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ufa88s.co/
Origin: https://www.ufa88s.co
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 15:44:09 GMT
x-content-type-options: nosniff
age: 23676
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17960
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:47:51 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Dec 2023 15:44:09 GMT

GET
H2 200 fa-solid-900.woff2
www.ufa88s.co/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 76 KB
77 KB 291ms
290ms Font
font/woff2 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ufa88s.co/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef

Request headers

Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Origin: https://www.ufa88s.co
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5741
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 78196
last-modified: Sun, 13 Nov 2022 16:51:31 GMT
server: cloudflare
etag: "63712093-13174"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBN2cXHjWSVRbGGYHZw5xpJqvJF%2Fb8VV6L3osiGjnMMULccJ6GCKjg026CBrLP6yR4w%2BEj1sRtM%2BGubke8b3s64cKkH88tbJUuMY%2FuoYkzWxi1lwK9frwpfLmVIXY4vr"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 773770af8dd1a977-SYD
expires: Sun, 01 Jan 2023 20:43:04 GMT

GET
H2 200 fa-brands-400.woff2
www.ufa88s.co/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 75 KB
75 KB 291ms
289ms Font
font/woff2 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ufa88s.co/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af

Request headers

Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Origin: https://www.ufa88s.co
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5741
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76764
last-modified: Sun, 13 Nov 2022 16:51:31 GMT
server: cloudflare
etag: "63712093-12bdc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8oSKhkD4FqAfjQAdpXtyH6zcAfAHd%2FANjDh5IOr9wS%2BWZUif8oU5zIpLvm99CnHfLOlhuDZQipK4u2W9EaM9D75pgbIOryhzu3GyaXRFEN7dHFYWb1wDZZ0NRmucBhDE"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 773770af8dd2a977-SYD
expires: Sun, 01 Jan 2023 20:43:04 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
76 KB 827ms
285ms Script
application/javascript 142.251.12.97
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8RXWC8JGY5

Requested by

Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

142.251.12.97 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

se-in-f97.1e100.net

Software

Google Tag Manager /

Resource Hash

6d56ac0e908fa76b29b25c0115d82f355993787d0f1d088a45b38f776babbb6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.ufa88s.co/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76862
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 02 Dec 2022 22:18:46 GMT

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23b15e3e259dbd35bb79ecb8cf95c7ea6cd606080dcadae4abd22c9cc1c02d0d

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 845a97c979cf4d6efa91fb3a1d6c6bf547ac7a49b5f9162eb133901e81691415

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fc9602de815e40d608c47e3445ccce2207d5f95b863feb6d2f496413ae452f26

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 1422.jpg
www.ufa88s.co/wp-content/uploads/2021/07/ 87 KB
88 KB 335ms
334ms Image
image/jpeg 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ufa88s.co/wp-content/uploads/2021/07/1422.jpg
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8297e29307cb904fd64155bceed7ea4c1f63011722e417da882fafa04a64911e

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38119
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 89403
last-modified: Tue, 03 Aug 2021 08:22:42 GMT
server: cloudflare
etag: "6108fcd2-15d3b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0CMmAGyHNh1tVfrgC277zyeIVFIrOGfTUCzRWi0cQWguTCs2969Up4MQ6Vrwk0X7nDkLvQlP6WDnID7nNE4wZg57SKV0OiRLp%2FVeB9HWK7ihemlbtzhbVgZLTf9JwqQI"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 773770b31b2ca7ed-SYD
expires: Sat, 01 Apr 2023 11:43:26 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 35783aed5b0d590f8e9fbee656228197e120664669c0a25ccc5b2c9a192985db

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a15fbd75ee790b478b72b05dcc26508d0cdafc199c920be9cedaef0740957049

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39e02290feab678e07d2985824d11f9fa8cdaab8873147715850fc2bb85cbc1b

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8363f90139137e611d5b0c5fd15a00d979f9f72d7a1ddba0ab966bb38fe84088

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 67 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42f1290c5344117dc51e259b5f01c1151077e7c73238faefa146edd4d0b93e22

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b947b9e4591d956c9a96f28a6fe81f00a197f4f7cb0762b94fa21149de1164c1

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 email-decode.min.js Show response
www.ufa88s.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 316ms
315ms Script
application/javascript 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ufa88s.co/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/

Protocol

H3

Security

QUIC, , AES_128_GCM

Server

104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 30 Nov 2022 18:31:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6387a18d-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDTeqIcb1XcghNA%2F%2Fx5FXDApcw6PBgp5AYQZmhGQoSiFXutsDPIgBI%2B%2FGqluvZnimS9O9JHOQxd%2B6BuvvYRBwUDrdGNdbHVOOKaULVifsqZ1NB7y1vCnvMoPvjBVnTA5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 773770b31b2ea7ed-SYD
expires: Sun, 04 Dec 2022 22:18:45 GMT

GET
H3 200 lazyload.min.js Show response
www.ufa88s.co/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 149ms
149ms Script
application/javascript 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ufa88s.co/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:46 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 29 Nov 2022 04:40:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 38120
etag: W/"63858d30-2063"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZoksaS8XtlkYT61oGWc22fbQndL7kNqgj9c4SYBB0%2FsCD4q3YQtoj2rkuhhs0cZMPZ2JjloKVtsoeVon1TsDGJj65bnPzYiAT9tjTizaSN%2FWMqEDJlIGhYKyCbA14M8j"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 773770b77f7aa7ed-SYD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 02 Dec 2023 11:43:26 GMT

GET
H3 200 bottom-bar-pc.png
www.ufa88s.co/wp-content/uploads/2021/07/ 3 KB
4 KB 298ms
298ms Image
image/png 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ufa88s.co/wp-content/uploads/2021/07/bottom-bar-pc.png
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f21600545ab9c09be3ba77694ee30718b9e12a427a74674fe04ae88ea600703

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38119
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3174
last-modified: Tue, 17 Aug 2021 04:14:46 GMT
server: cloudflare
etag: "611b37b6-c66"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZkEXPha%2FR46lcfSrGeMLaTDMHj22lmcr70lCUR6pqtGcs3mRHM34N7S%2FxOpFQC1FEJyDDKUHmEdb6aTL7gV1eanjvSkrFeCkHQe%2F4FsPp%2FpmNT2mw7E%2F3o71uMySc0mT"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 773770b31b31a7ed-SYD
expires: Sat, 01 Apr 2023 11:43:26 GMT

GET
H3 200 circle.svg
www.ufa88s.co/wp-content/plugins/elementor/assets//mask-shapes/ 128 B
626 B 723ms
723ms Image
image/svg+xml 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ufa88s.co/wp-content/plugins/elementor/assets//mask-shapes/circle.svg
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25b6e61c5526b58e2739ec03b54702de8668ed9da146c1fed844a5ad177151df

Request headers

Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Origin: https://www.ufa88s.co
accept-language: en-NZ,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:45 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3951
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 13 Nov 2022 16:51:31 GMT
x-accel-version: 0.01
server: cloudflare
vary: Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XGNb8zJG67mPYbPZFRD%2FRVsypAfo6fAvZKrJpCWglVkiHM8WMt%2BUr%2FhuhgwQwg7Wn4cUOR68pKmsXlOWuFE1kHnHZLDgnkg8h5GadJ8Yik7gumE8TsyUHdSvLBjBD91f"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=10368000
cf-ray: 773770b31b33a7ed-SYD
expires: Sat, 01 Apr 2023 21:12:54 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f62612900bc5e16ee959104cad98100756d9a2ad1dd6a081d3e507cb71cb8102

Request headers

accept-language: en-NZ,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 cropped-UFA88S_1-psrkgyypd9ey90ukrjnfl58tnv7ik61a7tcushtmc8.png
www.ufa88s.co/wp-content/uploads/elementor/thumbs/ 20 KB
21 KB 295ms
295ms Image
image/png 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ufa88s.co/wp-content/uploads/elementor/thumbs/cropped-UFA88S_1-psrkgyypd9ey90ukrjnfl58tnv7ik61a7tcushtmc8.png
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1b3720f7afa8ae9a7fa0ac3a37f483bdbc3cafe5dc209edca8e9e912ab005d4

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38118
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 20934
last-modified: Thu, 04 Aug 2022 10:59:33 GMT
server: cloudflare
etag: "62eba695-51c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rK%2FOI6nChGXptqzoI7h2RJlCUmv%2B8uxpagBH0MNpYIh%2FyDQL5dXIX1m1Y0aeCuGPgjgNpUMbSML0zBObZZvtZuJLWCWmkW%2Fi%2B9oOiWDVmPeEkUQS3IApdwOPsx%2FhlvLO"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 773770b87879a7ed-SYD
expires: Sat, 01 Apr 2023 11:43:27 GMT

GET
H3 200 %E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%94%E0%B8%B5%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A-2-2-768x419.png
www.ufa88s.co/wp-content/uploads/2021/08/ 105 KB
106 KB 151ms
150ms Image
image/png 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ufa88s.co/wp-content/uploads/2021/08/%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%94%E0%B8%B5%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A-2-2-768x419.png
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc6862796e58a40a79ae5a3aaeb3aa707f42418255403d9cfe9607088a648399

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38118
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 107719
last-modified: Tue, 17 Aug 2021 06:20:50 GMT
server: cloudflare
etag: "611b5542-1a4c7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5PVSWC6f0%2FGWyJYSydkrANA7uDNDnqYSy7TipAxqzPX96Ms6nto2eRh46haVvZ%2FUkULTLklVlq29xp3frFuuE25q8Rof77d%2FGhY0ccFXKErVbFCHjxpZtl7mqwv62WPX"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 773770b8787aa7ed-SYD
expires: Sat, 01 Apr 2023 11:43:27 GMT

GET
H3 200 %E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%94%E0%B8%B5%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A3-1-768x41-1.webp
www.ufa88s.co/wp-content/uploads/2022/04/ 62 KB
63 KB 437ms
436ms Image
image/webp 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ufa88s.co/wp-content/uploads/2022/04/%E0%B8%82%E0%B9%89%E0%B8%AD%E0%B8%94%E0%B8%B5%E0%B9%80%E0%B8%A7%E0%B9%87%E0%B8%9A3-1-768x41-1.webp
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e06680e4e5e9b8616df7323fb5accedfee680b1e71d14e5497db13d3ea15db4f

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38118
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63816
last-modified: Thu, 28 Apr 2022 12:53:53 GMT
server: cloudflare
etag: "626a8e61-f948"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQ%2Fkcj3VNnDKV1vJ9zQuz8AIOxkhnzjcwzEDZmhhD53h%2BUc7nOqklCkbm5EVvBJg639AvzfvX6EjgaeYYBfFf%2BDtNDp3VjuV1B6opH9j5P%2Fy2ThyX6Pr8JEWOqt3sAv4"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=10368000
accept-ranges: bytes
cf-ray: 773770b8787ba7ed-SYD
expires: Sat, 01 Apr 2023 11:43:27 GMT

GET
H3 200 Pok-deng.222-1024x473-1-768x355.gif
www.ufa88s.co/wp-content/uploads/2022/01/ 93 KB
93 KB 293ms
292ms Image
image/gif 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ufa88s.co/wp-content/uploads/2022/01/Pok-deng.222-1024x473-1-768x355.gif
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ba6260a178184a3788d3444ff3a9e5ab2f96af04bf2d80b715b86e13212c08b

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 37965
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 94873
last-modified: Sat, 15 Jan 2022 04:53:18 GMT
server: cloudflare
etag: "61e2533e-17299"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DCcl63cJgTbx68ng08GhS%2B3SbZvbbAGx9IaaIF2wS3ZBZmCkxKzfLAGWBA63SDTSpAeZZwSM3Zx2uuAyre19gY%2B1pjd6NTcklaPqekZ0SphiavMX%2FBweesx7rLXeDGdL"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 773770b8787ca7ed-SYD
expires: Sat, 01 Apr 2023 11:46:00 GMT

GET
H3 200 ufa88s-mini-logo-plxwwx4l0snutjo7syzmnrrdfl5ovbf65u2vilpgqs.png
www.ufa88s.co/wp-content/uploads/elementor/thumbs/ 7 KB
7 KB 439ms
438ms Image
image/png 104.21.22.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ufa88s.co/wp-content/uploads/elementor/thumbs/ufa88s-mini-logo-plxwwx4l0snutjo7syzmnrrdfl5ovbf65u2vilpgqs.png
Requested by: Host: www.ufa88s.co
URL: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.22.195 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d11c8956f2b45255ce13d778a3fb2f67719cc0c4e7588e5075bb3b5cd5c7846

Request headers

accept-language: en-NZ,en;q=0.9
Referer: https://www.ufa88s.co/%E0%B8%9B%E0%B9%8A%E0%B8%AD%E0%B8%81%E0%B9%80%E0%B8%94%E0%B9%89%E0%B8%87%E0%B8%AD%E0%B8%AD%E0%B8%99%E0%B9%84%E0%B8%A5%E0%B8%99%E0%B9%8C/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 02 Dec 2022 22:18:46 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38119
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6909
last-modified: Wed, 16 Mar 2022 07:59:12 GMT
server: cloudflare
etag: "623198d0-1afd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWALl5KwVDGmw8t0NGGWQd7U%2BIwzvrV7Sf5BsMOJHcjTw6isKTVjgkMkSWLVWJpMjto%2BGXoajf%2FE8f4a3FjIhIgBQYCvh4xPU6fVzBABpGZT9K6X1UgXVyE%2B%2BVN3bDjd"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=10368000
accept-ranges: bytes
cf-ray: 773770b8787fa7ed-SYD
expires: Sat, 01 Apr 2023 11:43:27 GMT

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange undefined| href object| RocketPreloadLinksConfig object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| LazyLoad object| google_tag_manager object| google_tag_data object| dataLayer function| onYouTubeIframeAPIReady

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.gstatic.com
www.googletagmanager.com
www.ufa88s.co
104.21.22.195
142.251.12.94
142.251.12.97
23b15e3e259dbd35bb79ecb8cf95c7ea6cd606080dcadae4abd22c9cc1c02d0d
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25b6e61c5526b58e2739ec03b54702de8668ed9da146c1fed844a5ad177151df
2ba6260a178184a3788d3444ff3a9e5ab2f96af04bf2d80b715b86e13212c08b
35783aed5b0d590f8e9fbee656228197e120664669c0a25ccc5b2c9a192985db
39e02290feab678e07d2985824d11f9fa8cdaab8873147715850fc2bb85cbc1b
3d11c8956f2b45255ce13d778a3fb2f67719cc0c4e7588e5075bb3b5cd5c7846
3f21600545ab9c09be3ba77694ee30718b9e12a427a74674fe04ae88ea600703
42f1290c5344117dc51e259b5f01c1151077e7c73238faefa146edd4d0b93e22
43c072c16c9ee6d67acdfa6c6d6685ff1e74eb4237b7cc3c1348ab1c108b26af
691fa7d17effc7d303eda0ad7e4a1d91b2f375506cfc8a774480cc2b55f156ea
6d56ac0e908fa76b29b25c0115d82f355993787d0f1d088a45b38f776babbb6f
803e3560ed65623ec04f60b65859f2eee365bd6d0f47b7534daa6492b81d5371
8297e29307cb904fd64155bceed7ea4c1f63011722e417da882fafa04a64911e
8363f90139137e611d5b0c5fd15a00d979f9f72d7a1ddba0ab966bb38fe84088
845a97c979cf4d6efa91fb3a1d6c6bf547ac7a49b5f9162eb133901e81691415
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
a15fbd75ee790b478b72b05dcc26508d0cdafc199c920be9cedaef0740957049
a692a120048d5ab6790b7b2bce0a97dac054ced22e93c7e57703bd3bcab47a6d
b1b3720f7afa8ae9a7fa0ac3a37f483bdbc3cafe5dc209edca8e9e912ab005d4
b3a0b2a8b1ee977665c6deaac4be3b91b2f9fd6610221ca1ae31e6cb44199f6c
b7be1a25fcda009175b0f140bbd7ed9afdb5798d0c93717b44c62ddc19aef582
b947b9e4591d956c9a96f28a6fe81f00a197f4f7cb0762b94fa21149de1164c1
cc6862796e58a40a79ae5a3aaeb3aa707f42418255403d9cfe9607088a648399
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d9ea25116dc893d7aa59abe5ac6e9035ff1e3172746c8e86e996e123d4321b03
e06680e4e5e9b8616df7323fb5accedfee680b1e71d14e5497db13d3ea15db4f
e4208432ab62e4e5a5e5901bbc6db5ca3119001facc45108f137e9c5b5370352
e6edb55eb61bbaf02146bb62507589d688467102771c1bb7be159f77e0b33846
f62612900bc5e16ee959104cad98100756d9a2ad1dd6a081d3e507cb71cb8102
fc9602de815e40d608c47e3445ccce2207d5f95b863feb6d2f496413ae452f26