sao85.win Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sao85.win/
Submission: On September 01 via api (September 1st 2024, 10:12:05 pm UTC) from US — Scanned from NL

Summary HTTP 92 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 12 domains to perform 92 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is sao85.win.
TLS certificate: Issued by WE1 on August 15th 2024. Valid for: 3 months.

This is the only time sao85.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
70	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6811:f5cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81c::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
4	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.186.100 142.250.186.100	15169 (GOOGLE) (GOOGLE)
1 3	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:1901:0:f... 2600:1901:0:ff53::	15169 (GOOGLE) (GOOGLE)
1	2.16.1.243 2.16.1.243	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2.17.100.209 2.17.100.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2.17.100.185 2.17.100.185	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
92	15

70 188.114.96.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

sao85.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:f5cb (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.100 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany) 1 redirects

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:ff53:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

saowin-landingpage-default-rtdb.asia-southeast1.firebasedatabase.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.1.243 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-1-243.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.17.100.209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-209.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

portal.taoliaii.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.17.100.185 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-17-100-185.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
70	sao85.win sao85.win	9 MB
5	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5874 api.livechatinc.com — Cisco Umbrella Rank: 5307 secure.livechatinc.com — Cisco Umbrella Rank: 6900	36 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 236	158 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1314	155 KB
3	facebook.com 1 redirects www.facebook.com — Cisco Umbrella Rank: 108	3 KB
3	gstatic.com fonts.gstatic.com	70 KB
1	taoliaii.xyz portal.taoliaii.xyz	2 KB
1	firebasedatabase.app saowin-landingpage-default-rtdb.asia-southeast1.firebasedatabase.app	479 B
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3123
1	google.com www.google.com — Cisco Umbrella Rank: 10
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 110	1 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	104 KB
92	12

	Domain	Requested by
70	sao85.win	sao85.win unpkg.com
4	connect.facebook.net	sao85.win connect.facebook.net
4	unpkg.com	2 redirects sao85.win
3	api.livechatinc.com	cdn.livechatinc.com
3	www.facebook.com	1 redirects sao85.win
3	fonts.gstatic.com	fonts.googleapis.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	portal.taoliaii.xyz	sao85.win
1	cdn.livechatinc.com	sao85.win
1	saowin-landingpage-default-rtdb.asia-southeast1.firebasedatabase.app	sao85.win
1	region1.google-analytics.com	www.googletagmanager.com
1	www.google.com	sao85.win
1	fonts.googleapis.com	sao85.win
1	www.googletagmanager.com	sao85.win
92	14

This site contains links to these domains. Also see Links.

Domain
web.sao85.win
www.facebook.com
www.telegram.me

Subject Issuer	Validity	Valid
sao85.win WE1	`2024-08-15` - `2024-11-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-06-11` - `2024-09-09`	3 months	crt.sh
*.gstatic.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.google.com WR2	`2024-08-05` - `2024-10-28`	3 months	crt.sh
*.asia-southeast1.firebasedatabase.app WR1	`2024-08-02` - `2024-10-31`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-10` - `2025-07-10`	a year	crt.sh
taoliaii.xyz WE1	`2024-08-18` - `2024-11-16`	3 months	crt.sh

This page contains 3 frames:

Primary Page: https://sao85.win/
Frame ID: E54366A7C0525BD34C408D51E060847E
Requests: 93 HTTP requests in this frame

Frame: https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3833.8515682132434!2d108.21729761485886!3d16.07387708887657!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x314219b495fd12ff%3A0xf3f7b72e17fd2cb2!2s52%20Nguy%E1%BB%85n%20V%C4%83n%20Linh%2C%20Nam%20D%C6%B0%C6%A1ng%2C%20H%E1%BA%A3i%20Ch%C3%A2u%2C%20%C4%90%C3%A0%20N%E1%BA%B5ng%20550000%2C%20Vietnam!5e0!3m2!1sen!2sus!4v1641857556142!5m2!1sen!2sus
Frame ID: 86BF4AE8217955CBF16C243FAFB09F22
Requests: 1 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=14274288&group=0&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Frame ID: 225164EBDB5586CB32C0E5A70BC35052
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SAOWIN | Link tải SAO WIN chính thức không bị chặn

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

92
Requests

97 %
HTTPS

50 %
IPv6

12
Domains

14
Subdomains

15
IPs

3
Countries

9382 kB
Transfer

11483 kB
Size

8
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://web.sao85.win/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/Saowindangcapgamebai

Search URL Search Domain Scan URL

URL: https://www.telegram.me/saowingamebaidangcap

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js HTTP 302
https://unpkg.com/@esotericsoftware/spine-player@4.2.58/dist/iife/spine-player.js

Request Chain 2

https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/spine-player.css HTTP 302
https://unpkg.com/@esotericsoftware/spine-player@4.2.58/dist/spine-player.css

Request Chain 63

https://www.facebook.com/tr/?id=292837559089287&ev=PageView&dl=https%3A%2F%2Fsao85.win%2F&rl=&if=false&ts=1725228718483&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1725228718482.402362317235885071&ler=empty&cdl=API_unavailable&it=1725228718389&coo=false&rqm=GET HTTP 302
https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1725228718389&cdl=API_unavailable&ler=empty&fbp=fb.1.1725228718482.402362317235885071&o=12318&ec=0&r=stable&v=2.9.166&sh=1200&sw=1600&ts=1725228718483&if=false&rl=&dl=https%3A%2F%2Fsao85.win%2F&ev=PageView&id=292837559089287

92 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
sao85.win/ 40 KB
9 KB 410ms
379ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.4.16
Resource Hash: a9c4944823c39e9d382b307301ed56209872601b6fbe7df056955f0707257206

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8bc8995b39c30ba6-AMS
content-encoding: br
content-type: text/html
date: Sun, 01 Sep 2024 22:11:57 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCrba7IXTSIW2H3E2rJrgG9TV%2FZliG9ocgG1vmyyXAGG4ajp0OWcL9J18ii%2FrYGUdYtTIPLEHHhHEIWbjO28lpwMJ%2Bn58TTdNYvI64kfBn4BLX3VEhKUp4zScPs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.4.16

GET
H3 200 bootstrap.min.css
sao85.win/vendor/bootstrap/css/ 150 KB
24 KB 380ms
380ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/vendor/bootstrap/css/bootstrap.min.css
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Apr 2024 09:10:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6628cc98-2565e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AYn7yvlgd4M714c0d4miepBiBRnPdkfnvhFwIKP4bYfjLKKHjq1T%2BIDHdRI97poVoDXIyBc6yoy8XnYALciYQwNcHJiCFfKLSssQxcR7G7Ijh5uwHQtrYhOSaNg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8bc8995dac320ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2

200

spine-player.js Show response
unpkg.com/@esotericsoftware/spine-player@4.2.58/dist/iife/
Redirect Chain

https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js
https://unpkg.com/@esotericsoftware/spine-player@4.2.58/dist/iife/spine-player.js

592 KB
149 KB

29ms
29ms

Script
application/javascript

2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@esotericsoftware/spine-player@4.2.58/dist/iife/spine-player.js

Requested by

Host: sao85.win
URL: https://sao85.win/

Protocol

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e294bd49e8e46a86513c071011d60f6298145983fbe2addba826000a44b59e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:57 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1692007
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J55CP4W4EA3XJEB0DF93WY1J-ams
server: cloudflare
etag: "94061-qiJAFvY4Z+ndo1dsS97Jf1QcKvQ"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8bc8995e1fd76630-AMS

Redirect headers

date: Sun, 01 Sep 2024 22:11:57 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J6QT3CX0WX7TPGC85YJ43VQC-ams
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 222
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@esotericsoftware/spine-player@4.2.58/dist/iife/spine-player.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8bc8995defa16630-AMS

GET
H2

200

spine-player.css
unpkg.com/@esotericsoftware/spine-player@4.2.58/dist/
Redirect Chain

https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/spine-player.css
https://unpkg.com/@esotericsoftware/spine-player@4.2.58/dist/spine-player.css

27 KB
5 KB

30ms
29ms

Stylesheet
text/css

2606:4700::6811:f5cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@esotericsoftware/spine-player@4.2.58/dist/spine-player.css

Requested by

Host: sao85.win
URL: https://sao85.win/

Protocol

Server

2606:4700::6811:f5cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ce8e4f63557164fa77205aa4469c74950cf834f1ac91c222d794e6e66ae7e0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:57 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 1692006
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01J55CP4YZX4R9EFJ66960X97R-ams
server: cloudflare
etag: "6b03-aw8nDNsBZLB10dvDahx+/f+4dro"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8bc8995e1fd46630-AMS

Redirect headers

date: Sun, 01 Sep 2024 22:11:57 GMT
content-encoding: br
via: 1.1 fly.io
cf-cache-status: HIT
fly-request-id: 01J6QT3CWZENDV3C2KE1XW0SGE-ams
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 222
server: cloudflare
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /@esotericsoftware/spine-player@4.2.58/dist/spine-player.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 8bc8995ddf9b6630-AMS

GET
H3 200 all.min.css
sao85.win/vendor/fontawesome-free/css/ 53 KB
12 KB 395ms
395ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/vendor/fontawesome-free/css/all.min.css
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cea191842cc543420286b3ef53672d148801dbc5542cbf1b4322b63b615f9432

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Apr 2024 09:10:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"6628cc98-d4c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sx1xSX%2B9mtIub4dzowtonX6YzyQbYU%2BKkOe9Z1mp2Bf%2F0DAm7FQhwm2x5iSQGP5zmOSN6Ra5vkt3j5DUV%2FOKev5TXa3GferGA2BgAZOhSwyoss9ulGmlbtqm7vA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8bc8995dac350ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 style.min.css
sao85.win/build/ 37 KB
8 KB 396ms
396ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/build/style.min.css
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f1acd643482613fe699e856db5d8b862a638da57c0d6d2489fa377b6ad88c257

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Jul 2024 13:59:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"669136c1-9381"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X3SdVOAUkbGUD%2BhEKyWcPtQt12YXVhrzBClIJsUoIQyJlhIMgoPK0fWbwg8oEKHuteX6IlmyKEtv90BhYmQreIPx%2FbfZEpXY9TYKArlnvZCJea25nQueoQQfXfI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8bc8995dac360ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 main-style.css
sao85.win/ 13 KB
3 KB 397ms
397ms Stylesheet
text/css 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/main-style.css
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d38472843f083d3dc466e3faefc5810bd745fefd04b9135cf260d543113d389d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Jul 2024 18:20:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"669173f8-33e6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B%2BGSqGZZzc98GzIaQhI57SDxe6WhKIL6cq0B%2FG0KJmJxDrfDq3McrAV940fniiFg7IKTbpZdcEgSd6hEVWJZsGd1fLGchb2zmaIUow1cO6weCzTwqYbPbigX9Pw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 8bc8995dac370ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 312 KB
104 KB 153ms
71ms Script
application/javascript 2a00:1450:4001:81c::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-RVSZ2C9QNF

Requested by

Host: sao85.win
URL: https://sao85.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3f7448ef9b62e632e57879d05b2e7e2fd42ae972de6b12596e0ebe77054291b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105609
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 01 Sep 2024 22:11:58 GMT

GET
H3 200 logo.webp
sao85.win/saowin_img/ 48 KB
49 KB 363ms
363ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/logo.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7baa20143a2e2d161f207d0818e9b1ef74ea805a5826cf6d2c3a50fb588ef606

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:31:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d81ec-c1c4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m6H4zaSkNBHFRY4m8lUiRjxcPLWzeFChBVZYVpkF18jlnwnJBKwK3a0OupFTtcyfTdCpK8HSOSa3D8%2Fw1Ajf8PF0eoKEHhjxj5Jnay0IW4JzVB8zDJVPXA4y%2FgE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc8995dac390ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 49604

GET
H3 200 btn_dn_off.webp
sao85.win/saowin_img/ 5 KB
6 KB 411ms
411ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dn_off.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e462e06285dc85320db0d2a59c7bf664a35acf1844aec3cd28bbe6a42b4b117b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:29:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d818c-1574"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=laXZY8I04lLNfOsxMW4Su8Pry1E63FHZD9VJVyT4iJ2adz4VAy6GeqPT73gifrnh60B3OnKmXshwBEyfhHRYRlOSTi0Z8V6JLV5CEX8SXcYcL2hBlMrSm8uXTEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc8995dac3b0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5492

GET
H3 200 btn_dn_on.webp
sao85.win/saowin_img/ 11 KB
11 KB 377ms
377ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dn_on.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9940359fa40c9f6a9972aca3e071f12a966a0a0568b867c5c82dc9f361aaa11

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:29:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d8194-2c1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qGCyuZ7zGrd%2BoriVBhe06rUl0tbjsqUduLbmC25RWB0C9DT5Dv5ykgw5yCpVbP%2Faeff452WCH0eKRCD4U%2FMBcN05s5tFrSKgLL8qNCHuDxJfUXfryUWL48Nsu9w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899603ec80ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11292

GET
H3 200 btn_dk_off.webp
sao85.win/saowin_img/ 5 KB
6 KB 371ms
371ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dk_off.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca57a5bcfc9e28a06cb92badb2c2cfd9277fe8f9fe8e191e9302586ef4c85a7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:29:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d817c-14a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Fi9s9t%2BzKFZFHVu5iRDppxQ1yUW76reo%2F125BxQQNReg8CW37PLZ4ar9bhF%2Bm6mIexY8URtdy4wOh3eD%2FEW%2B8f%2BAlDd1QWWNDmwemJjAe3889fDTYD771QDF2fI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899603ecb0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5280

GET
H3 200 btn_dk_on.webp
sao85.win/saowin_img/ 10 KB
11 KB 384ms
383ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dk_on.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 586180ffabe4bc075a68939300df1e3f95e134006a5acf5f6fe1df097835dd16

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:29:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d8184-28b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEuwQ2bSEyGH%2BfJnM7iTEaXjsjJPiyp7F3rkX%2FfSQHeUDKp6qpec%2B68s0bmZR6NfR7vGcVvN0LMjVzmywkIQPuH0r17xp3ZC8bu3qua0Duo0S%2Fp7Lrdf9aA9eJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899615fa60ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10416

GET
H3 200 user.webp
sao85.win/saowin_img/ 828 B
1 KB 387ms
385ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/user.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dc670860529e01c72928c846141b5720f0488bb4c692581b513f8373b90d74e

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:31:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d8206-33c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F6lCjGcQvETEo3%2BTtZqUYVN%2F3a7clAuB1dnT0KauAy1Se8TP0pcLChAXmgtNHWmVUcu%2F%2B70q6CBglOnLLqfo39YNCO0z80Mac0O0n%2FBHRY715w3uRMzw%2Bie3IoU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899615fac0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 828

GET
H3 200 pass.webp
sao85.win/saowin_img/ 884 B
1 KB 388ms
385ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/pass.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a17fbe061926545f3aca3861a27528edfa546db4f24f654c98758279913205dd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:31:14 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d81f2-374"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FIa5lBKT9RgBaKOruP4FkZ3De%2Bw5ZsYx5tw8Dg%2F8PbMdgiPvAE16uTpZx2ZTPUFeCYLj2eYFEgob8Z2KisQ4XSo7W3iidVU6j3zboZVbjefHOl8Y3OMbFU7D%2Bsw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fae0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 884

GET
H3 200 captcha-character.png
sao85.win/saowin_img/ 2 KB
2 KB 389ms
386ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/captcha-character.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24110a0e03d9cbb22dfbf91f27b0175b682ba1d8b22cc1acab89f171d27b2bfe

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 14:25:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d4858-660"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=w10hiGGUlgKRAeSxquoyM1pAa07GHiEq7sZ5JX%2BQ5hSXqxWIIJWYD%2B5Uy%2FTFE5TzOzaNfRVTdPjTtq4r%2F7ZIA2wUioRqD5kkuuPLOgXNWf7owYgU%2FgUqDr2E3BE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616faf0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1632

GET
H3 200 ic_captcha.webp
sao85.win/saowin_img/ 762 B
1 KB 390ms
387ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/ic_captcha.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5043a9d369b106594f611ec24f8288fa9649e2a3b6ae5d1c45ebe83dffcd18ab

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:28:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d8166-2fa"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PfrUySxc5koTmMmHw9P9duv4uJ5NK45sHsHWaZNIVucdEWZAmO9yXn2LQZFX3gWT3%2BIR3FBsyWQT7h93RVvKUFVPL9PcMRyNHrKtlTeVoDRi%2F6p2K%2BM2MwaLDBA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fb00ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 762

GET
H3 200 btn_dk.webp
sao85.win/saowin_img/ 8 KB
9 KB 367ms
363ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dk.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f3e06c1c08c1bd227cf83b7a186fc37a22ed388d98751229af3f6495f89af9c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:28:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d8156-20be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j7INZkgDY8twUSG65WN%2FBXoaOY4KoYuo%2Bkf4W7LuN6zQlGLkq17duxFbf7WIiJn4L7RaSHm6JWnea9KEl%2BsqOUuCeAEv%2FxgGDZWlt4ZE%2B5dBa2nWJVasYhQV%2B0c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fb10ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8382

GET
H3 200 btn_dn.webp
sao85.win/saowin_img/ 9 KB
9 KB 365ms
361ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dn.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e9ed7927e6cc04237ba74d8392e61794874c24222f9458cfaf84eafecaa9e3f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:28:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d815e-22dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rx2cYsWuSjrhmqXUm0sXTuzD%2Bv8R%2BsDyaOcxfmJVavm3262OSPGcjCdp1NWeVIjPlmRJl13bEj13j15wCQ0h%2BDm9Oj9dHG7x2XKxnIc5JbriQYScc1BTJ%2BdU6UA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fb20ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8924

GET
H3 200 playweb.webp
sao85.win/saowin_img/ 14 KB
14 KB 199ms
196ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/playweb.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08a329f1aa673c06445f0df26d7f73ba7bf1252da8cb35862ad802263003970d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:29:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d816c-36ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m4aivzTJ4uFcQLjfXyRR2LZ4CPT5%2B4K4CatfJYSEwsImidOfxty41q5VHSnm827fnid7qDYtG%2F0E0szXdKbiua3uRpG%2FYFUQsM4Mvibo%2FmN%2BmAs9%2FY%2BCje0Ctk8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fb30ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 14030

GET
H3 200 alertweb.webp
sao85.win/saowin_img/ 23 KB
23 KB 390ms
387ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/alertweb.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 599be2016f494e07542ac668bccc8d884eb95114d4ff2ce05eaaadbda238a0ce

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:26:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d80d6-5a1e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f9ELcZFwe1b3aYyGppNDK98tdaPh8p3d5Iq9SoOuIb6KhrUAWcOGXbi10CwUMgmL9xPQWQsR5tmnwilhkc%2FA8qa%2BW4gIw7UE2Ub9OBwlrlEoNOUdb8zwXIjFYBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fb40ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 23070

GET
H3 200 btn_fb.png
sao85.win/saowin_img/ 36 KB
36 KB 392ms
389ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_fb.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b21e9bccc15786daedced6d1973e663383b8b3993f86ab56644136c90d3a57d

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Jun 2024 14:30:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667d77a0-8f49"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H0O0BPBurKRd3ZZM6zPKRsM2MvbDucEHgndRZxWQcJ%2B0Su8eF84lo5br0%2B06XrAh47wDfBUhQZ0hXJn%2BRuHbi86G7phG1ot7WLENCSWKQlbmU3QE7%2BhbxNVVEl0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fb50ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 36681

GET
H3 200 btn_tele.png
sao85.win/saowin_img/ 36 KB
36 KB 393ms
390ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_tele.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cb2fe5c95e7ecccb47a91981eafbf12bc97dcb3bee398c470472cba92c7580b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Jun 2024 14:30:56 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667d77a0-8f6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Zk3QV3o%2FshHMrLqCgSSxls6TggeU%2F61APpZCwKwLKIXouInA1OugbfBphZ3Q1tPRtmn42fAGAXo1FdoA%2Bzfuu1hyjMk1lLra3p3QElqzcCai9b59KHH9s40PfrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fb60ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 36715

GET
H3 200 left.png
sao85.win/saowin_img/ 9 KB
9 KB 394ms
392ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/left.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9a0e51d4775349106adce79e4de4e1aacb1a33738e80934cb20aaa2f6897066

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Jun 2024 14:36:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667d78ee-233f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7dlrnadn%2BMFoING7iBPGWv5UlKnYYLvhaHxCzz3sNj%2B0QlFOtypyE7562SHKne1Zz%2B6aJ4UxsN5hYrcU8%2BUutvyTVsCFIjfjEt0Bz1dygtLy7cr8tXHF8ePHuqE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fb70ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9023

GET
H3 200 right.png
sao85.win/saowin_img/ 9 KB
9 KB 395ms
392ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/right.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d72bb6e6fb092ac11ab8370ae1d69cea62c0818e93f3bc44c6b0994ec452687

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Jun 2024 14:36:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667d78ee-238f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDKcpeQIfpvxlH2%2F9IsuruTBOdtq23BmvqM%2B0ytu9Aq78mlz9LZrnv9IT2cHcrlRsb3sYF9Yv6k%2Bfl%2BYzK2r%2B93XYNLPqBGGjU71iQihHjud70PMDqlZWadUB8M%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fb80ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 9103

GET
H3 200 taigame.png
sao85.win/saowin_img/ 36 KB
36 KB 430ms
428ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/taigame.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 355683a879c29e80432e7edf3ea3ffd54333200e041a674a030dbf5c2175e401

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Mon, 01 Jul 2024 07:18:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6682585c-8fd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9x2pFyKDPdSvkQw0xRBUmnE%2B0p86vQ%2FcieR9aWD2c1r43RtYkdXZPfEQJVK6pJoiZG7wnV%2BUAbMg66eoUrmz6%2BUK8ZjOQkOS%2F%2FXcbIuihu6Y6e6DgSPYdDBsdPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fb90ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 36823

GET
H3 200 bancaidat.png
sao85.win/saowin_img/ 27 KB
28 KB 393ms
391ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/bancaidat.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1bd1eddd61dace756a07e795666a851b2e1c1c2238993a6be92aa80363faf4f3

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Jun 2024 14:36:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667d78f0-6dd6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DUHkzVr720nUlJlpFPG9tKSSu24umlFWMPestUb1I6g8GksC0xniYBxrY1NqvHb%2FxZnHLW4ylCX%2Fw6SSGI8ehUOaNNbbs4CZhCCj1Eh6cURi2nUW1Oib31hg3UI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fbd0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 28118

GET
H3 200 choinhanh-mb.webp
sao85.win/saowin_img/ 21 KB
22 KB 401ms
399ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/choinhanh-mb.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f30bf27d89f0e86b984b0d2c1880ebcd7e5de33b4099c2f6626e5227451a07f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 12 Jul 2024 07:43:22 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6690de9a-5568"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tBGxduwxynEa0mCo0vlZyqIvdvHi5PkoCEL%2Fb7PUtMeiHx3Me7OwRjA3%2BHPHHcOXZqn22jya%2BggTlaa4q2yF6BTa3rknE1xfVFrnJ7z3uXMQlqXI8D9d9DXT4ek%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fbe0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 21864

GET
H3 200 banweb.png
sao85.win/saowin_img/ 28 KB
28 KB 403ms
400ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/banweb.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22eb6039dace7313c544118916db043008cdd8646338986772aa347c4ed24d05

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Jun 2024 14:36:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667d78f0-7009"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=645rwvxgXaeh72HOQr4yvdoqb70dsbW7Qy1lqsMZE8iWq3rxj5NQR9lhYOtI0xSQLt12%2BFTA9azNZ1HpIc0H%2BEVrvGQCjflQOyw%2FGmM%2Bh%2BYWGZqeMCPALwCX%2B6A%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fc00ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 28681

GET
H3 200 security.webp
sao85.win/saowin_img/ 74 KB
75 KB 404ms
401ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/security.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9458b59ec6049cd11748aefbc0ab96d19438a7f5fc8b396f706ce9c9708915a2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 29 Jun 2024 16:27:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668035f0-12976"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IKpedWfLjsCmf4MvuJh374OixudSWLxkX9w7MWn9HP6uRvQo7EbNFpI8k0eq%2FyNm1F7kRABeBdxYxLBKekoVIG%2Fqlv2eJcBL5gEbVvwZMULK6nfNKgQjAFWrMq0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fc20ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 76150

GET
H3 200 manygames.webp
sao85.win/saowin_img/ 138 KB
139 KB 406ms
403ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/manygames.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 78645fb323b5e199638e952ae1cfcc9a53e060fb0e5e6bc3fb8403b688b562c8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 29 Jun 2024 16:27:28 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668035f0-22874"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UYrQSQ9vlAwADcbJWSuYQnGBCiLhCsaEaLsRbKIBHsabqnzrDcRUjgM3QnUKysP5ddpjYJTQZnOgKcu%2Bwi3srT0mPOMYHxDMzw64rm7G5eM6sGXIX0pQaW5SE1o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fc50ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 141428

GET
H3 200 support247.webp
sao85.win/saowin_img/ 76 KB
76 KB 408ms
406ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/support247.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ec753cfdfd73ce40d7385f78a462844e2e7650cb2f243394fb04c51230e5cd8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 29 Jun 2024 16:27:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668035f2-12f98"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nTS2FxVHP%2FO7gvfUUH%2Bz4xf3o0r8G2qdIK3wtgQQMmk3S93bg2hdKLXvQ8NCsMdTH9WIjqk52ijR5jv%2BOHzByJYRponF5sJnbTbyDkkPPtaB698%2FXlmicNS5P%2Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fc80ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 77720

GET
H3 200 payment.webp
sao85.win/saowin_img/ 63 KB
64 KB 409ms
407ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/payment.webp
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2a0782d6138666f71472bf2b5a0d04f5a6a1aa352fa1fcac32d4bfa21da0a18

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 29 Jun 2024 16:27:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668035f2-fd2e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VG%2BHa0unZAiiU%2BSsUzKl9chA2E28U15G7CB0nRBEQvxu%2Fxm6snjs7QCXx0TOftaBIyY%2B%2FG%2FkCmB8R9NCFKjdJzY5g015sBLwTTTInpYLcDRKkGAhTpFSD4iXtaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fca0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 64814

GET
H3 200 logo2.png
sao85.win/saowin_img/ 122 KB
122 KB 410ms
408ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/logo2.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a3402f38e578f7f40dcc547e9fb92d1a6720439d2017db6dc9f80ea620944cb

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Jun 2024 14:36:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667d78f0-1e65e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IeXz9tqoMhXAZPYYXHJd6i8Y%2BPFUK%2FlhpSGx853HbXKjIEqb9yeVvzeFDYUpbMHFDYsEfBILOLYWTMseDq7jkBoKAs23vWehw6Oxs1BXgErnNsdJfD0O6%2BPxTAo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fce0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 124510

GET
H3 200 dmca.png
sao85.win/saowin_img/ 15 KB
15 KB 480ms
478ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/dmca.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1dda0d2f5a0098e76a0abea2dffaff9dc2bac9c3fa875109c802097d6e5c28c8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Jun 2024 16:55:44 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667eeb10-3bee"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GOo11hjPNnJcQsoAiHeIVcCyc0ATPkEGtMYUTm2NLo0SV8R7t9xrYc6DHnImLOeEuQHovBNDsBg1P5ger2giiRTHTDLrwXGtbkx4IQ%2FXhJ6GZx7bdZ1eAVmFCjU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fcf0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15342

GET
H3 200 icon-close(1).png
sao85.win/images/ 2 KB
3 KB 483ms
481ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/images/icon-close(1).png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 641a7fa09e2ff23e3b718a91602cc291ada938fb293d6ea9b7a6029c443592a2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Apr 2024 09:10:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628cc96-9ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=604PVcwBStZDlERkBWfOjBNNWkpBMYmRMy5SF96%2BZt85tXGxM%2BG%2BhS%2Fdmg5NJChaMWakFVFimcMjhbL%2FtTf3IXRRHhDkAhthZEc8RGqtsamQXbx95UfQTp681Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fd00ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2559

GET
H3 200 thumb-thank.png
sao85.win/images/ 54 KB
54 KB 366ms
364ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/images/thumb-thank.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f09d0dfe4dbe6db58633eee0c55df78bc0c9c2ca2e197cab414cd2c9996b211

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Apr 2024 09:10:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628cc96-d6ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UcQd9knNzIA5WuD0csvzRvtR24zUbq53RU6WXGPQ9UUtYMRqzonx2BHMCgFi%2FoUC2AuwtMSgAfvS6Zy9DW3rDOiY6YsuAPTj236QpAuFjwfXqnopjKeNT6ixx8s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fd20ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 54990

GET
H3 200 icon-close.png
sao85.win/images/ 2 KB
3 KB 484ms
482ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/images/icon-close.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 641a7fa09e2ff23e3b718a91602cc291ada938fb293d6ea9b7a6029c443592a2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Apr 2024 09:10:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628cc96-9ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1lgoTzRKtS6J7X9L4%2FypY9D1Ducfi0Lr2bV%2BkG4sP8CMwvoFtrXGKrzDT25mVJqhLwwkZgMWb8peX%2Bm4C6JxdWHdX%2BDc077b1tj5aIXG6xVUzR1pBqf0v1ASWK4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fd30ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2559

GET
H3 200 chonggiamao.png
sao85.win/saowin_img/ 144 KB
144 KB 485ms
483ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/chonggiamao.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66af65c5a65e8fa5d590436e6297813023dc8a910f709aeae2fa317fefba23f4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Thu, 27 Jun 2024 14:30:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667d779e-23e40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SprTo8gP4gWf5i3hDsNTTGcAW8GtahJ0Oubd2oV1dLlXTVFC2cFXL0KpSIDzo4ofxHxLEMBO5Ao%2BLkF2URtne%2FCQquTmiOgnBuA%2FSChfvB5HK6YaxyCNIy1jlww%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899616fd50ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 147008

GET
H3 200 app.min20124.js Show response
sao85.win/build/ 724 KB
144 KB 385ms
384ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/build/app.min20124.js?v=2.0.124
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ebaf6b18a037a5bfb855e14d3b4b16b077dbd1828dda75030b1429090097026

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Fri, 16 Aug 2024 10:45:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66bf2dc0-b5116"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=90UZiBqWqDyqg1EtWfCPex6pbvjZx%2FtZcag75Kz5exkLlg42YpeoPC2cxc1ETzXGKmUcTkqgBLVzZS7nyFwNFoA10WiFdpG0BYDb0UA5OXOk54tA%2FBE0Jwf9OB4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
cf-ray: 8bc899615fab0ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
1 KB 182ms
63ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Requested by

Host: sao85.win
URL: https://sao85.win/main-style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2ceb044fbea6e5616887f79557f76fe8b1053593d01b862aa3d50f986d9ac272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 01 Sep 2024 20:54:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 01 Sep 2024 22:11:58 GMT

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 225 KB
58 KB 60ms
27ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: sao85.win
URL: https://sao85.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 01 Sep 2024 22:11:58 GMT
document-policy: force-load-at-top
x-fb-server-load: 31
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 58936
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=29, rtx=0, c=23, mss=1232, tbw=4285, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: skFxmcDQhvXHKKP0a3QtxkZTCspYuT4oqWIbYVsBayuitkwyzT48L4noVeTinZ5CLm2AkE0MJDJBZITL05iX+A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 khongkhoatk.json Show response
sao85.win/animation/1/ 44 KB
7 KB 499ms
499ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/animation/1/khongkhoatk.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 982835a4f0cee037619e6343777d4bf896a0f351f64702d6bb739389bc948295

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jun 2024 15:20:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667ed4ba-afd2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qoq39bPosLk4FpBtACb85KG5FVuLb0d7KKl6SfZy1TQajEu%2BGIo2ZKi14JnWQDLDPZRz4mvg95skmguzV%2BHY5%2BQAV7iuQrY2CwsdKPq5gq4aFJ2TVsA2zO%2FloD4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 8bc89961980e0ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 khongkhoatk.atlas Show response
sao85.win/animation/1/ 540 B
974 B 500ms
500ms XHR
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/animation/1/khongkhoatk.atlas
Requested by: Host: unpkg.com
URL: https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 599226acfc98c6f7c1b12a06641f09139c9f77ed98bc33b7a3ce2d00d24541ac

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jun 2024 03:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e2804-21c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eNsQ4FVFBnvlt%2F8VUvYl9ciTEnLlTfggQm21AXOWH7siqbZq3UwEjhLzp%2FcPXbghgzDWAowg4nuVtt0ydEhOKJVlJ3%2BoyUDbaSjVSn%2FTPlRM5Ac9gUFHYGnGMac%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8bc8996198100ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 540

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b47e9a518418e39669940647850294d6975474aacbe475dfbd9327a8488f51e2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f4d064aed7026c74cb476afb1c9d6261df0022f8f458c6593133ab9b69714d2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 bg-pc.webp
sao85.win/saowin_img/ 15 KB
15 KB 498ms
498ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/bg-pc.webp
Requested by: Host: sao85.win
URL: https://sao85.win/main-style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0435da5a1d259d84cb3451b0b2ce7beff142ae14228a98f75478d452da435178

Request headers

Referer: https://sao85.win/main-style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:28:18 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d8142-3bc0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tYyEmrOxgeZdLEoSln1PjETUZ%2FM73nToL5tz%2FkqZVO5LDKun93sHO8rT5QybkVZhCdUQgB9rbxHUDAv1GxWanOGTCrwR%2BGs6jQaCulCD5XAVsKxp45CRR1eeY%2FY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc8996198110ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 15296

GET
H3 200 board_dk.webp
sao85.win/saowin_img/ 41 KB
42 KB 499ms
499ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/board_dk.webp
Requested by: Host: sao85.win
URL: https://sao85.win/build/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df68562671455de583c5a77a6fd27c6e1842444fa92543b3a2a7d3d4044dbff3

Request headers

Referer: https://sao85.win/build/style.min.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:30:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d81c6-a4a2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BNoKQ5RF5%2BNt1VFY4qlTIChJ6KQZdxzIUuqZ2Wzuh49WOGHYkjMAaRgPpgJBdTz%2B7Phci0PaWm3J2OadvzIAHYFLEPckTQtaRE0dF4C%2B72qcJDM%2Bpbzp6I2m29E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899617fda0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 42146

GET
H3 200 khungnhap.webp
sao85.win/saowin_img/ 854 B
1 KB 504ms
504ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/khungnhap.webp
Requested by: Host: sao85.win
URL: https://sao85.win/main-style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b87c76cbc6963ce2330602163ca52d7bbafd5c0204d8aea43de2e10c6f663f64

Request headers

Referer: https://sao85.win/main-style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:31:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d81e4-356"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f0pm1ZN%2FFOkcu4EA8xrbfwAudslpJAMaTNNIdO42WK9DnvsN3JuZ4Vc2LASC6BOfMfCeuxI%2F2C%2FsPpnHb6RcuFXcd84NmMuhqfClG%2FBbfELDMo5wSnQ0rbevu5w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899617fdc0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 854

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 118ms
57ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sao85.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 01:43:55 GMT
x-content-type-options: nosniff
age: 160083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 01:43:55 GMT

GET
H3 200 fa-regular-400.woff2
sao85.win/vendor/fontawesome-free/webfonts/ 13 KB
14 KB 501ms
500ms Font
font/woff2 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/vendor/fontawesome-free/webfonts/fa-regular-400.woff2
Requested by: Host: sao85.win
URL: https://sao85.win/vendor/fontawesome-free/css/all.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 940b3908bf9fc263ff7a9640fd719a1a3ecca9e1224e9ce4758053fa01edbcc0

Request headers

Referer: https://sao85.win/vendor/fontawesome-free/css/all.min.css
Origin: https://sao85.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Apr 2024 09:10:48 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628cc98-3518"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ClSO1lcDPP5g7Gq9mn%2BqM3yKjjXyLxhIK93%2FMsG6Fm8RPpnSy2X0hhZuSjpv8wHvaIpozHvF8w25ueDBxyn%2B8hlauVuuWfEkL7oEJPviBPJHbX5dB8nw8V75sSc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899617fe10ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 13592

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 27 KB
27 KB 171ms
111ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wdhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sao85.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sat, 31 Aug 2024 16:10:53 GMT
x-content-type-options: nosniff
age: 108065
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27812
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:37:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Aug 2025 16:10:53 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2
fonts.gstatic.com/s/montserrat/v26/ 9 KB
10 KB 112ms
52ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459WZhyzbi.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sao85.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 30 Aug 2024 01:44:56 GMT
x-content-type-options: nosniff
age: 246422
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9512
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:58:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Aug 2025 01:44:56 GMT

GET
H3 200 livechat.json Show response
sao85.win/animation/2/ 24 KB
4 KB 202ms
202ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/animation/2/livechat.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dcdb2b24313a56065f41d5ccfbe0ff1956b9782ab927b7370f9bbef3764cf7c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jun 2024 15:40:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667ed986-5fa8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AeG4VaoVt4J4d%2F86BkqvnhF4t5CXZLoGEZ%2B%2BnXiIugbcxOxwLoIgzjrKym6IJZi%2BS9SUE7jyJBl%2FB3PZR1lX6R98jjN8nnrNBtBA2DY1JShvPg2HPw6%2B0lYJ55U%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 8bc899618fe90ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 livechat.atlas Show response
sao85.win/animation/2/ 380 B
812 B 496ms
496ms XHR
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/animation/2/livechat.atlas
Requested by: Host: unpkg.com
URL: https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf434b08b1af8fc207791bfe7101e996ecc5b6cf3a73b00c93646f5812e155fd

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jun 2024 15:37:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667ed8d2-17c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ztBJ69Emsyfxw3CSygIe%2B1i3XHziuN0MCzgYjx0htkkUuuN9gTCADPKrsgQUrAO4HKah6n6J8dSy7BfUza2VZmCCO1oyNgdY5G2%2BHpJz0r7sWbqEjfnB9Fgy6Q4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8bc899618fed0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 380

GET
H3 200 ruatien.json Show response
sao85.win/animation/3/ 24 KB
4 KB 492ms
491ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/animation/3/ruatien.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc1d65068031d612823e081af7c71475f7cc597a8e472352db4b49435ee31c0f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jun 2024 15:20:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667ed4ba-5f95"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ijSZ3OewWxIJtTkHNn0GE%2BPhI3wRH8JTlpGdnDI%2FyNIZmaubty1uaT9Aow9rHhHxxFyKiOPnfiRbWLcpCsg72v2V7WKP350sZJeV4xpWuQd7JHCJ7gT6TzAi%2FXY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 8bc899618ffd0ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 ruatien.atlas Show response
sao85.win/animation/3/ 434 B
864 B 492ms
492ms XHR
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/animation/3/ruatien.atlas
Requested by: Host: unpkg.com
URL: https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40d575a288866290d019c05e6f601278d4adfbe13665db5e4995d01bcd5d09c4

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jun 2024 03:05:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e285c-1b2"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=esweWUiES0wBU56sw3Sj%2B1u281AlnTR%2BC9zoytS4RZMi8tMW4R42wr4FC8hHTIvOQDNXPaZ84ipULObxa3Jhla7ulmxvgWojqIAlcFS2th2B4TS2nLGxTCOaIG4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8bc899618ffe0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 434

GET
H3 200 rutkhongps.json Show response
sao85.win/animation/4/ 26 KB
4 KB 482ms
482ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/animation/4/rutkhongps.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a4d8d756c86ef51a35b7b25bfb451eba4fec5b30c639d6364b3187e39dae946

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jun 2024 15:20:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667ed4ba-6902"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3UjXlBss5g13z2KCvlNjWSqHOPjkloDXQTiGU0EKS3SiLD%2FAxQyXBxH8c4GGX42MBWJmE3jBLbKI1na%2F3lPAqp46%2BvIU5FlgjgkM9AsRQNGhyetYQgW7ad6CBVM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 8bc8996198130ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 rutkhongps.atlas Show response
sao85.win/animation/4/ 619 B
1 KB 482ms
482ms XHR
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/animation/4/rutkhongps.atlas
Requested by: Host: unpkg.com
URL: https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e47e859b7c7a40c60019e974a39dab6061b0a0537bd373f3e1ce9fdebb989a8

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jun 2024 03:05:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e2896-26b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1BBM8%2BAQZ8aSJq685VdAwLGje3WooAgbzCChDo7k%2Byc5QHCdYINIcq6FzJh406r9ZqcKlG6lHf3fjqIdkYHapzWFv44CheKNND0yej4%2Bt8G3A9w4K4mzyGzfBTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8bc8996198140ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 619

GET
H3 200 animgiua.json Show response
sao85.win/animation/5/ 24 KB
4 KB 479ms
479ms XHR
application/json 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/animation/5/animgiua.json
Requested by: Host: unpkg.com
URL: https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3d89fb41ed6b19abd5bec8e822a0d4f63fe28ed04ddab4cfbcd6f0dd1e9787f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 28 Jun 2024 15:26:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"667ed630-615d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MS6ukr5iXtWTLZ6OY2HN%2B2Dfadr8P8KuWRm1WG91%2BmQ%2BVg8vrI6yI0QlwX2iYdYbgktUyC5i%2Fii7ivNP%2F%2Bl8slArsBzVxFJBRSZ8nvC3Wh014ZaBVci4ECBz5dU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json
cf-ray: 8bc89961a8180ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 animgiua.atlas Show response
sao85.win/animation/5/ 533 B
971 B 479ms
479ms XHR
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/animation/5/animgiua.atlas
Requested by: Host: unpkg.com
URL: https://unpkg.com/@esotericsoftware/spine-player@4.2.*/dist/iife/spine-player.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1289e37280750d8025648fd9688d11252dcb4d8bb419350b5b5935af2d2a5293

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: DYNAMIC
last-modified: Fri, 12 Jul 2024 16:30:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "66915a12-215"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LApcmVPHctuA0ZghFCXpNpJcdVF9b%2BjndtMNM2cPV44HW7s7VPxqDSNG6xGF3cXS%2BmP53iVMfzC5egIAQGKBAhyHHxFevoRkmwS%2B2gJ%2FR%2B%2FxRgN4tEtTZiRmKyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
accept-ranges: bytes
cf-ray: 8bc89961a81a0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 533

GET
H3 200 embed
www.google.com/maps/ Frame 86BF 0
0 505ms
460ms Document
text/html 142.250.186.100
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/maps/embed?pb=!1m18!1m12!1m3!1d3833.8515682132434!2d108.21729761485886!3d16.07387708887657!2m3!1f0!2f0!3f0!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x314219b495fd12ff%3A0xf3f7b72e17fd2cb2!2s52%20Nguy%E1%BB%85n%20V%C4%83n%20Linh%2C%20Nam%20D%C6%B0%C6%A1ng%2C%20H%E1%BA%A3i%20Ch%C3%A2u%2C%20%C4%90%C3%A0%20N%E1%BA%B5ng%20550000%2C%20Vietnam!5e0!3m2!1sen!2sus!4v1641857556142!5m2!1sen!2sus

Requested by

Host: sao85.win
URL: https://sao85.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.100 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f4.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-6-d4-BSTxIu3-JA9ZmroEQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: gzip
content-length: 1039
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-6-d4-BSTxIu3-JA9ZmroEQ' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
content-type: text/html; charset=UTF-8
date: Sun, 01 Sep 2024 22:11:58 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
server: scaffolding on HTTPServer2
vary: Origin X-Origin Referer
x-content-type-options: nosniff
x-robots-tag: noindex,nofollow
x-xss-protection: 0

GET
H3 200 list.webp
sao85.win/saowin_img/ 16 KB
16 KB 475ms
474ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/list.webp
Requested by: Host: sao85.win
URL: https://sao85.win/main-style.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2ba716cc3f4f68fafe8328dbf2d1699aff396c7099cada131cf4c5ac64868ac

Request headers

Referer: https://sao85.win/main-style.css
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Sat, 29 Jun 2024 06:19:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667fa75e-3fd4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F1%2FjHGtMSJFsizUzA2ONaG%2Fa4DLxnhgl4NJBMLNjXB7Q3B4OvXf6m1jmpNLYuyMYwzTre%2FEEooDdUaTHW1%2FAO5Ze%2Bh2gLNlUbzRMWYwciYrSGb1fpOD1M9qGV0w%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc89961a8210ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 16340

GET
H3 200 292837559089287 Show response
connect.facebook.net/signals/config/ 64 KB
13 KB 78ms
77ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/292837559089287?v=2.9.166&r=stable&domain=sao85.win&hme=da9a399065fb1c492026018b9e54864148adfb49d800f41752428fb7b59190f8&ex_m=69%2C118%2C104%2C108%2C60%2C4%2C97%2C68%2C16%2C94%2C86%2C50%2C53%2C168%2C171%2C183%2C179%2C180%2C182%2C29%2C98%2C52%2C75%2C181%2C163%2C166%2C176%2C177%2C184%2C127%2C40%2C34%2C139%2C15%2C49%2C190%2C189%2C129%2C18%2C39%2C1%2C42%2C64%2C65%2C66%2C70%2C90%2C17%2C14%2C93%2C89%2C88%2C105%2C51%2C107%2C38%2C106%2C30%2C91%2C26%2C164%2C167%2C136%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C56%2C61%2C63%2C73%2C99%2C27%2C74%2C9%2C8%2C78%2C47%2C21%2C101%2C100%2C102%2C95%2C10%2C20%2C3%2C19%2C83%2C55%2C81%2C33%2C72%2C0%2C92%2C32%2C80%2C85%2C46%2C45%2C84%2C37%2C5%2C87%2C79%2C43%2C35%2C82%2C2%2C36%2C62%2C41%2C103%2C44%2C77%2C67%2C109%2C59%2C58%2C31%2C96%2C57%2C54%2C48%2C76%2C71%2C24%2C110

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

154b3caf56ac7a26d355819ee616f685a43515c3d51e0f4e826d08229d5c0334

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sun, 01 Sep 2024 22:11:58 GMT
document-policy: force-load-at-top
x-fb-server-load: 23
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=74, mss=1232, tbw=66955, tp=63, tpl=0, uplat=53, ullat=0
pragma: public
x-fb-debug: CEETzYrhLj6lkyQHCDSQDU1Bbkaf0iDs6V2deylzafG2Qw1eo5yS/2j7vww3gUeqDfiIYzVQTP3oup05jc2S4Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

/
www.facebook.com/tr/
Redirect Chain

https://www.facebook.com/tr/?id=292837559089287&ev=PageView&dl=https%3A%2F%2Fsao85.win%2F&rl=&if=false&ts=1725228718483&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1725228718482.402362...
https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1725228718389&cdl=API_unavailable&ler=empty&fbp=fb.1.1725228718482.402362317235885071&o=12318&ec=0&r=stable&v=2.9.166&sh=1200&sw=1600&ts...

0
130 B

24ms
23ms

Image
text/plain

2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?redirect=0&rqm=GET&coo=false&it=1725228718389&cdl=API_unavailable&ler=empty&fbp=fb.1.1725228718482.402362317235885071&o=12318&ec=0&r=stable&v=2.9.166&sh=1200&sw=1600&ts=1725228718483&if=false&rl=&dl=https%3A%2F%2Fsao85.win%2F&ev=PageView&id=292837559089287

Requested by

Host: sao85.win
URL: https://sao85.win/

Protocol

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=3344, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Sun, 01 Sep 2024 22:11:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

Redirect headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=22, rtx=0, c=10, mss=1297, tbw=2778, tp=-1, tpl=-1, uplat=0, ullat=0
pragma: no-cache
date: Sun, 01 Sep 2024 22:11:58 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
content-type: text/plain
location: /tr/?redirect=0&rqm=GET&coo=false&it=1725228718389&cdl=API_unavailable&ler=empty&fbp=fb.1.1725228718482.402362317235885071&o=12318&ec=0&r=stable&v=2.9.166&sh=1200&sw=1600&ts=1725228718483&if=false&rl=&dl=https%3A%2F%2Fsao85.win%2F&ev=PageView&id=292837559089287
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 239ms
192ms Image
image/png 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=292837559089287&ev=PageView&dl=https%3A%2F%2Fsao85.win%2F&rl=&if=false&ts=1725228718483&sw=1600&sh=1200&v=2.9.166&r=stable&ec=0&o=12318&fbp=fb.1.1725228718482.402362317235885071&ler=empty&cdl=API_unavailable&it=1725228718389&coo=false&rqm=FGET

Requested by

Host: sao85.win
URL: https://sao85.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: zstd
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Sun, 01 Sep 2024 22:11:58 GMT
document-policy: force-load-at-top
x-fb-server-load: 28
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7409800923590877823", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=27, rtx=0, c=10, mss=1297, tbw=3518, tp=-1, tpl=-1, uplat=162, ullat=0
pragma: no-cache
x-fb-debug: wWmLPn9YdwZFtCmHpJKX9WMJKuUORz0TzYNhRlGEsLd17L3eauy2K1VCjSv87j9S/bxxUZwdNdgYF95jdxg81A==
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7409800923590877823"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 55ms
20ms Fetch
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-RVSZ2C9QNF&gtm=45je48s0v9189106705za200&_p=1725228718289&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1897276687.1725228719&ul=nl-nl&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1725228718&sct=1&seg=0&dl=https%3A%2F%2Fsao85.win%2F&dt=SAOWIN%20%7C%20Link%20t%E1%BA%A3i%20SAO%20WIN%20ch%C3%ADnh%20th%E1%BB%A9c%20kh%C3%B4ng%20b%E1%BB%8B%20ch%E1%BA%B7n&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1303
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RVSZ2C9QNF
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Sep 2024 22:11:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://sao85.win
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK .json Show response
saowin-landingpage-default-rtdb.asia-southeast1.firebasedatabase.app/ 170 B
479 B 653ms
306ms XHR
application/json 2600:1901:0:ff53::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://saowin-landingpage-default-rtdb.asia-southeast1.firebasedatabase.app/.json

Requested by

Host: sao85.win
URL: https://sao85.win/build/app.min20124.js?v=2.0.124

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:ff53:: Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

nginx /

Resource Hash

01286489958ccfe9d5e52e47bb073bfbe1ffac50a7092a380ad9790f3599d470

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload

Request headers

Accept: */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Sun, 01 Sep 2024 22:11:59 GMT
Strict-Transport-Security: max-age=31556926; includeSubDomains; preload
Server: nginx
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://sao85.win
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 170

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 83 KB
28 KB 101ms
23ms Script
application/javascript 2.16.1.243
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.243 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-1-243.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2caa7e7d4a63daf033bbb632f0565e64e5865d406102b398e297c8f9d0e2e3e3

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-amz-version-id: ltat2k9p3Xr1i0xSTiN5XzpdXyZIjNRg
content-encoding: br
date: Sun, 01 Sep 2024 22:11:58 GMT
x-amz-cf-pop: FRA60-P2
x-amz-server-side-encryption: AES256
cross-origin-resource-policy: cross-origin
content-length: 28462
last-modified: Thu, 29 Aug 2024 11:11:41 GMT
server: AmazonS3
etag: W/"f15c37e9c67cfba1b1c822dd24e287a0"
vary: accept-encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: keDXHqr0HsI9iWPQO8FPsymmDl1Oe-bkpaXEzAZrDQ8x3lCEiENi3Q==
expires: Mon, 02 Sep 2024 06:11:58 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/vi_VN/ 3 KB
2 KB 26ms
26ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js

Requested by

Host: sao85.win
URL: https://sao85.win/build/app.min20124.js?v=2.0.124

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

1a75c0138e083c194ce03bcce44da22bf621014e87d7de0dbc55f1d5998b73b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 01 Sep 2024 22:11:58 GMT
content-md5: pYvRFVj9QJrwKFihhU5Orw==
document-policy: force-load-at-top
x-fb-server-load: 45
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1688
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=85, mss=1232, tbw=80411, tp=76, tpl=0, uplat=0, ullat=-1
x-fb-debug: 8giVmNZaZwKs7wQkuJSfvqsNPkBy0tOQyRFromLMlniwqp2SxSdLfNeQahkfgk5sFK18FV6Ec5CfEXRzCUPkyQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 4151afa034474a885e8b5f4bfc1f6a7a
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "9957aa28612594e531ad0ee4ec712b0d"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sun, 01 Sep 2024 22:12:55 GMT

GET
H3 200 jackpot.html Show response
sao85.win/ 12 KB
4 KB 199ms
199ms XHR
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/jackpot.html
Requested by: Host: sao85.win
URL: https://sao85.win/build/app.min20124.js?v=2.0.124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fca9a04f32e2b2dc026e83a79afbc40770b9cb7f53adff19aa1594dfa9a58955

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Wed, 24 Apr 2024 09:10:45 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BMgLL4zOdWs5XUsUl7VhggAljRwdj6649LI5W11GPQ66kiJWP%2F3543yHMsPanC8u7E71DKxCUTUUYuP8yGveTUuop%2B%2BldIwVrG3VHOdxlVWzgQE84XuceARo2Ko%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cf-ray: 8bc899649b790ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 btn_dn_off.webp
sao85.win/saowin_img/ 5 KB
6 KB 386ms
384ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dn_off.webp?v=2.0.124
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e462e06285dc85320db0d2a59c7bf664a35acf1844aec3cd28bbe6a42b4b117b

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:29:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d818c-1574"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qhrJaUTVWbuksO7IYAT2GDpu01QpGjACr9UOr8Wcca6%2FzUAp6ryQaWem1PjxHax6EVardvFweLRNcoR%2BzjI1RfMXvu9Qss4eAwHILG1co87FhClxbFx2xsZ80EA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899649b7b0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5492

GET
H3 200 btn_dn_on.webp
sao85.win/saowin_img/ 11 KB
11 KB 366ms
364ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dn_on.webp?v=2.0.124
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f9940359fa40c9f6a9972aca3e071f12a966a0a0568b867c5c82dc9f361aaa11

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:29:40 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d8194-2c1c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=sLnSeV%2BRZvPEYl1%2BJeKY8NvT5KDTrFfz11juNlaS0A13ELLlHLbxuTO7vu6B5tcR0jGAhoX4CbuHx1BvTwWMSRFpK6KeR2lDZymqG8rKE4leqbgwQmuYFj%2BQT%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899649b7c0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 11292

GET
H3 200 btn_dk_off.webp
sao85.win/saowin_img/ 5 KB
6 KB 365ms
363ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dk_off.webp?v=2.0.124
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ca57a5bcfc9e28a06cb92badb2c2cfd9277fe8f9fe8e191e9302586ef4c85a7

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:29:16 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d817c-14a0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IRgD%2B299EzcOVHe9SCEb%2Fkl314UioKK0ToGjJb6aS32SNuj%2BPGnm7ADa9un2i70OZlSDzpnq2orbgHOIiry0cq20WkLTHaBbAtaUYWf8%2BOrdSSSCO8F7U%2ByTT3I%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899649b7f0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 5280

GET
H3 200 btn_dk_on.webp
sao85.win/saowin_img/ 10 KB
11 KB 387ms
386ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dk_on.webp?v=2.0.124
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 586180ffabe4bc075a68939300df1e3f95e134006a5acf5f6fe1df097835dd16

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:29:24 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d8184-28b0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vjyqyp9G%2FOm6BkNeDDKCIkMz9P%2BThvY8J64yfc2Q3OY5J%2F7oTS0JCQBz2salGOIswE5At%2FTZAObBHI6SHQLyufp6BeBaeyjBJF3b%2BPRwwq4iPXO6pY5YTsBLOPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899649b800ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 10416

GET
H3 200 btn_dk.webp
sao85.win/saowin_img/ 8 KB
9 KB 388ms
387ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dk.webp?v=2.0.124
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f3e06c1c08c1bd227cf83b7a186fc37a22ed388d98751229af3f6495f89af9c

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:28:38 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d8156-20be"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RvfHRk1mS0%2BpcaZ5fAiSTkcZCv1NmigU7%2FLKrJ9urFMMvdoWY2GBQSpq676Vu1IogEo1SqOhhCp%2FkdALQCVksmppGwREscURHslLHAKrLrAGYDWPCQ%2FKAb1lVmw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899649b810ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8382

GET
H3 200 btn_dn.webp
sao85.win/saowin_img/ 9 KB
9 KB 199ms
197ms Image
image/webp 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/saowin_img/btn_dn.webp?v=2.0.124
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4e9ed7927e6cc04237ba74d8392e61794874c24222f9458cfaf84eafecaa9e3f

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Tue, 09 Jul 2024 18:28:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "668d815e-22dc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wAuOO0mw1ho48R3%2F05%2BczCSyAh8xPiLkH1A%2Bi07KVXEl4GIO%2B7xVfkPYlFkxUzvnW%2BmvemDyS0aZNMZ7m%2FozGNPIx%2F4k4Wlw2HXTLR3daKmRaxxIfAdG9sjqmiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899649b830ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 8924

GET
H3 200 thumb-thank.png
sao85.win/images/ 54 KB
54 KB 389ms
388ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/images/thumb-thank.png?v=2.0.124
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f09d0dfe4dbe6db58633eee0c55df78bc0c9c2ca2e197cab414cd2c9996b211

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Apr 2024 09:10:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628cc96-d6ce"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Eg04K%2BNb3D3DwWwrYLlgcrDf4tmrkTjyetC4seJpknAbdvZmGB7ns3sjBc3QuxIH80%2FG6JFmKcPP3lc4c07xcL8Nqc6slV%2F3iAqbiNqBwNQS66jFswAm%2FzPErsM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899649b840ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 54990

GET
H3 200 icon-close.png
sao85.win/images/ 2 KB
3 KB 196ms
194ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/images/icon-close.png?v=2.0.124
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 641a7fa09e2ff23e3b718a91602cc291ada938fb293d6ea9b7a6029c443592a2

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:58 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Apr 2024 09:10:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "6628cc96-9ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=568XgXyHz9n8%2FHcUOteK5ksKwlrMV0twPTBId2CVORtme7VO5xl4x5lOVYk%2FHq0fvH2ec8DQ1EymrbgAJPmbVteVQCv595X%2BhdDyWzLFvlwRlzs5oB5%2BFA23RFo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899649b850ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 2559

GET
H3 200 khongkhoatk.png
sao85.win/animation/1/ 1 MB
1 MB 366ms
365ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/animation/1/khongkhoatk.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece4eb7b804cf30f7f04377d23b9367b646577e77841be96052306018f814cc7

Request headers

Referer
Origin: https://sao85.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Jun 2024 03:03:32 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e2804-16718f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nquSp9PgnXPA0EmXos8u9Ib9qiZINOfcaTQ6J7PB%2BUw5X4V9hBLEdppWOPBo9W7rNwyRi5FmNssviUMHAbcIH4TQkMGy3AuENtNmKusAYoW1yr1%2F%2Fr%2FqDN26Wbs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc899649b870ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1470863

GET
H3 200 ruatien.png
sao85.win/animation/3/ 2 MB
2 MB 539ms
538ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/animation/3/ruatien.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bbc9c2ef40cbad453421abefdd754c0b7d346e12598d93325b2dbfa75ba6a7d0

Request headers

Referer
Origin: https://sao85.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Jun 2024 03:05:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e285c-199352"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8B4hK%2B%2BTs4GcY4%2BqdQx630jQCG9600WydbadjkxWqFYBTeoQ4b1ZXok6jLLvU%2BPivfTdXfYWgUiYe6yalei9EXqqJBlCdZMHnrhISacjYGX3ad0wusWnsRLEvY8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc89964ab970ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1676114

GET
H3 200 livechat.png
sao85.win/animation/2/ 2 MB
2 MB 756ms
756ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/animation/2/livechat.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fc088bc7a5a27bdb5b09453400db97e9149e00a29d6e6d50336d11ae4347c02

Request headers

Referer
Origin: https://sao85.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Jun 2024 03:04:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e2834-1c1b62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=naMXWcEnIqkCwvc7QybMCQEzi9n6J1%2FiIt6MyQrwU%2F0pcUvUU9E2jVGom%2FXnLXfCHXGzFd7O8ab9txhaZ9lb4U7dVuC1KkJBZLACn9YdgVRG1kyjdDpiszCylmc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc89964ab980ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1842018

GET
H3 200 rutkhongps.png
sao85.win/animation/4/ 1 MB
1 MB 1039ms
1038ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/animation/4/rutkhongps.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc03c9ffe3a3207e99d211aaece0df84a555521e84014ed3cb58e87e4109a208

Request headers

Referer
Origin: https://sao85.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Jun 2024 03:05:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667e2896-1753a1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D6wKg76NfWvGhBGUHRkud9n%2FH1ysLYJp05PKzTag1iai8mcgouwMB338RA1KgcLWDqbXk0I55gdXt1I2YPLRhtp33CN3wI%2Bzi93QTyZJwehxIEHM%2FK47obEW8t0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc89964ab9a0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1528737

GET
H3 200 animgiua.png
sao85.win/animation/5/ 1010 KB
1011 KB 1295ms
1294ms Image
image/png 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sao85.win/animation/5/animgiua.png
Requested by: Host: sao85.win
URL: https://sao85.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b119825100ce26236b32ef784b700c4c2733972de73f8189dd216900ddd0f3de

Request headers

Referer
Origin: https://sao85.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
cf-cache-status: REVALIDATED
last-modified: Fri, 28 Jun 2024 14:54:20 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "667ece9c-fc760"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O9tZQZb%2BqyvoiMwhopgX%2BfQoUj94g3Mw5ONXw%2Bt%2F8Rq8GNspHWhFYg5WZMA0rpfc8pSv0EJ%2BDMJ%2Fg1TLjeww8VuzcvfBbcKzwpuWantVpBArQH9IqeIun6GBUIU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8bc89964ab9b0ba6-AMS
alt-svc: h3=":443"; ma=86400
content-length: 1034080

GET
H3 200 sdk.js Show response
connect.facebook.net/vi_VN/ 300 KB
86 KB 52ms
27ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/vi_VN/sdk.js?hash=36d23a6476560ce2c0f8d6107eb97a33

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/vi_VN/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

1e95441ef2ef5e8f3c5c7dfa28699750c2bf8b1941401314444e40e1b569fab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer
Origin: https://sao85.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 01 Sep 2024 22:11:58 GMT
content-md5: srfjtEeHacmHu8esycY3BA==
document-policy: force-load-at-top
x-fb-server-load: 49
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87891
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=23, rtx=0, c=23, mss=1232, tbw=4316, tp=9, tpl=0, uplat=3, ullat=-1
x-fb-debug: w5dyMWOtFHH83ykQ5Ql+gTESz1Lh2R7dPx5/VSeagNVNR1OKubBlbVe3boafyYsQzY1efUX88VZxmw6QzepfmQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: a34dbd881427ffcc8d497c180d781a72
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "711aa4813522ba7ea4efde4ec11f8524"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 01 Sep 2025 21:52:55 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 385 B
567 B 489ms
413ms Script
application/javascript 2.17.100.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=14274288&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fsao85.win%2F&channel_type=code&jsonp=__rmep0v6s2o

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.17.100.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-17-100-209.deploy.static.akamaitechnologies.com

Software

Resource Hash

c8c36ef9b841a2a20fb3a19fda9a3f33ec0d93e9a92fd0355a24cf5de8e9bacd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors ;
X-Frame-Options	allow-from

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

content-security-policy: frame-ancestors ;
date: Sun, 01 Sep 2024 22:11:59 GMT
cross-origin-resource-policy: cross-origin
content-length: 385
vary: Accept-Encoding
x-frame-options: allow-from
content-type: application/javascript; charset=UTF-8

GET
H3 404 SFUHelveticaCondensedBlack.ttf
sao85.win/fonts/ 0
0 1045ms
1045ms Font
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/fonts/SFUHelveticaCondensedBlack.ttf
Requested by: Host: sao85.win
URL: https://sao85.win/build/style.min.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://sao85.win/build/style.min.css
Origin: https://sao85.win
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=50ffpYFwWmQuVTwlyoJlRTrX6y4R25kdKlsG2TAFxUw4UA%2BqFXFY%2B6SO9FOwZr2k1n8uuhywlLsJIG1dq0kpWeww6WxwcYrEUG6MeJL7wig3dxG7flwwysIncP8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8bc899681ed40ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 api Show response
portal.taoliaii.xyz/ 2 KB
2 KB 917ms
850ms XHR
text/html 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://portal.taoliaii.xyz/api?c=124&pf=web&at=&_=1725228718757
Requested by: Host: sao85.win
URL: https://sao85.win/build/app.min20124.js?v=2.0.124
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b67c8814167f5a2f228c2d4dd21056b6f4babf4f156b7395c3be2c6bf33a12c2

Request headers

Accept: */*
Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:12:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jGbCQX9IyloyRjYZT%2BvlPYRtHm%2B1JakFMWLC1magh4NwFWkfXZqRVLJxfzvqVq1PHtp4vLet%2FvGX93pLOdYxNAkoHVo2e3ukNDxuWfbIGp8X%2FsKjBSyG0Xy2TafOou%2FGytJm2gqu"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://sao85.win
cf-ray: 8bc899696b929f6f-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 5 KB
2 KB 232ms
232ms Script
application/javascript 2.17.100.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=b8499130-710d-4c59-9cb7-b34b0a4b0076&version=1039.0.4.84.188.58.3.5.1.1.1.17.1&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a24f2ae11b1d55250640ec8b06ac0250fd31e9466ea1c847d33f317369950ea

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
deprecation: 2024-11-30
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
content-length: 1800
expires: Sun, 01 Sep 2024 22:21:59 GMT

GET
H/1.1 200
OK open_chat
secure.livechatinc.com/customer/action/ Frame 2251 0
0 261ms
182ms Document
text/html 2.17.100.185
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=14274288&group=0&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.185 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-185.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 742
Content-Type: text/html; charset=utf-8
Date: Sun, 01 Sep 2024 22:11:59 GMT
Vary: Accept-Encoding
cross-origin-resource-policy: cross-origin

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 15 KB
5 KB 174ms
174ms Script
application/javascript 2.17.100.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=b8499130-710d-4c59-9cb7-b34b0a4b0076&version=470b74842e9d45ce9f156d1d5a957bad_28c8487af97fe1e47e515d90336bae2a&language=vi&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.17.100.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-17-100-209.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ada8488a22e94920a72a5e789a89639d7382208eea54819207a65f2ae53f32e9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:11:59 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
deprecation: 2024-11-30
cache-control: public, max-age=600
cross-origin-resource-policy: cross-origin
content-length: 4895
expires: Sun, 01 Sep 2024 22:21:59 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 95733374504e8e845da251456aa6c21464b4b4bd925307f6ea339c1d41e825f9

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 favicon.ico
sao85.win/ 1 KB
1 KB 373ms
373ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 469d806e1490933df0f27d3fc6332bd4c92597b27f73a084cd6ccb98cc1de184

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:12:00 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Apr 2024 15:00:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66291e9b-57e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRfKZkpFsvd7Y68RUSzGxpe2SxfWu6DZqP2ElnL9A3sbhwj4ITmCKHwp2qjAKFyMY8AqMky%2Bg3IyicPLHSLHN6nvsTpXtxJAncHTN4QvX0qCG9vyDquq9Z9T1VM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 8bc8996f8e600ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 200 favicon.ico
sao85.win/ 1 KB
0 0ms
0ms Other
image/x-icon 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 469d806e1490933df0f27d3fc6332bd4c92597b27f73a084cd6ccb98cc1de184

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:12:00 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Wed, 24 Apr 2024 15:00:43 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"66291e9b-57e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eRfKZkpFsvd7Y68RUSzGxpe2SxfWu6DZqP2ElnL9A3sbhwj4ITmCKHwp2qjAKFyMY8AqMky%2Bg3IyicPLHSLHN6nvsTpXtxJAncHTN4QvX0qCG9vyDquq9Z9T1VM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/x-icon
cache-control: max-age=14400
cf-ray: 8bc8996f8e600ba6-AMS
alt-svc: h3=":443"; ma=86400

GET
H3 404 favicon-32x32.png
sao85.win/images/favicons/ 555 B
553 B 373ms
372ms Other
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sao85.win/images/favicons/favicon-32x32.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Sun, 01 Sep 2024 22:12:01 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7IalV6bTR5svL2neyvqo0IIwb4GQYDo56CfILLsLqoui3elVxTAZsi4Qdv4WtKfFt9gFDPNEDGa5gI7okU2e4MsuIRUKJ%2BM1nGM7a%2BkFBDBsrQhgDxd8VFNNYd8%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
cf-ray: 8bc89971d89f0ba6-AMS
alt-svc: h3=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-21 08:49:48	Name: __lc_cid Value: 0ffbcef9-b08b-42b6-8b97-87190219cc79
.accounts.livechatinc.com/v2/customer/token	1970-01-21 08:49:48	Name: __lc_cst Value: 81467af6b215045218df26d4e33d69743c19bad8567ef56c76081aa9d4071eaae7e65280a55ed456857c5776538be77fcfb626284e319f9c0c678f6087a6
.accounts.livechatinc.com/customer/token	1970-01-21 08:49:48	Name: __lc_cid Value: 0ffbcef9-b08b-42b6-8b97-87190219cc79
.accounts.livechatinc.com/customer/token	1970-01-21 08:49:48	Name: __lc_cst Value: 81467af6b215045218df26d4e33d69743c19bad8567ef56c76081aa9d4071eaae7e65280a55ed456857c5776538be77fcfb626284e319f9c0c678f6087a6
.sao85.win/	1970-01-21 01:23:24	Name: _fbp Value: fb.1.1725228718482.402362317235885071
.sao85.win/	1970-01-21 08:49:48	Name: _ga_RVSZ2C9QNF Value: GS1.1.1725228718.1.0.1725228718.0.0.0
.sao85.win/	1970-01-21 08:49:48	Name: _ga Value: GA1.1.1897276687.1725228719
accounts.livechatinc.com/	1970-01-20 23:13:48	Name: __oauth_redirect_detector Value: counter=1&t=1725228750&tag=13d88c491cfc94d63568c68c37605981dacc511a

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://sao85.win/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://sao85.win/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "new-password"): (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://sao85.win/ Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o
network	error	URL: https://sao85.win/fonts/SFUHelveticaCondensedBlack.ttf Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sao85.win/images/favicons/favicon-32x32.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.livechatinc.com
cdn.livechatinc.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
portal.taoliaii.xyz
region1.google-analytics.com
sao85.win
saowin-landingpage-default-rtdb.asia-southeast1.firebasedatabase.app
secure.livechatinc.com
unpkg.com
www.facebook.com
www.google.com
www.googletagmanager.com
142.250.186.100
157.240.0.6
188.114.96.3
188.114.97.3
2.16.1.243
2.17.100.185
2.17.100.209
2001:4860:4802:34::36
2600:1901:0:ff53::
2606:4700::6811:f5cb
2a00:1450:4001:801::200a
2a00:1450:4001:80e::2003
2a00:1450:4001:81c::2008
2a03:2880:f177:185:face:b00c:0:25de
01286489958ccfe9d5e52e47bb073bfbe1ffac50a7092a380ad9790f3599d470
0435da5a1d259d84cb3451b0b2ce7beff142ae14228a98f75478d452da435178
08a329f1aa673c06445f0df26d7f73ba7bf1252da8cb35862ad802263003970d
0ec753cfdfd73ce40d7385f78a462844e2e7650cb2f243394fb04c51230e5cd8
0f09d0dfe4dbe6db58633eee0c55df78bc0c9c2ca2e197cab414cd2c9996b211
0f3e06c1c08c1bd227cf83b7a186fc37a22ed388d98751229af3f6495f89af9c
1289e37280750d8025648fd9688d11252dcb4d8bb419350b5b5935af2d2a5293
154b3caf56ac7a26d355819ee616f685a43515c3d51e0f4e826d08229d5c0334
1a75c0138e083c194ce03bcce44da22bf621014e87d7de0dbc55f1d5998b73b9
1b21e9bccc15786daedced6d1973e663383b8b3993f86ab56644136c90d3a57d
1bd1eddd61dace756a07e795666a851b2e1c1c2238993a6be92aa80363faf4f3
1dda0d2f5a0098e76a0abea2dffaff9dc2bac9c3fa875109c802097d6e5c28c8
1e95441ef2ef5e8f3c5c7dfa28699750c2bf8b1941401314444e40e1b569fab7
22eb6039dace7313c544118916db043008cdd8646338986772aa347c4ed24d05
24110a0e03d9cbb22dfbf91f27b0175b682ba1d8b22cc1acab89f171d27b2bfe
26a448d7f02e7b021d15ba5d546ce57d822e6c7728420eb089a23adf10ea26ef
2caa7e7d4a63daf033bbb632f0565e64e5865d406102b398e297c8f9d0e2e3e3
2ce8e4f63557164fa77205aa4469c74950cf834f1ac91c222d794e6e66ae7e0c
2ceb044fbea6e5616887f79557f76fe8b1053593d01b862aa3d50f986d9ac272
2ebaf6b18a037a5bfb855e14d3b4b16b077dbd1828dda75030b1429090097026
355683a879c29e80432e7edf3ea3ffd54333200e041a674a030dbf5c2175e401
3a4d8d756c86ef51a35b7b25bfb451eba4fec5b30c639d6364b3187e39dae946
3bb1199d12ae09deeda4466322b863de030594a83fb2166ca26d241b1a9020c1
3cb2fe5c95e7ecccb47a91981eafbf12bc97dcb3bee398c470472cba92c7580b
3f7448ef9b62e632e57879d05b2e7e2fd42ae972de6b12596e0ebe77054291b0
3fc088bc7a5a27bdb5b09453400db97e9149e00a29d6e6d50336d11ae4347c02
40d575a288866290d019c05e6f601278d4adfbe13665db5e4995d01bcd5d09c4
469d806e1490933df0f27d3fc6332bd4c92597b27f73a084cd6ccb98cc1de184
4a3402f38e578f7f40dcc547e9fb92d1a6720439d2017db6dc9f80ea620944cb
4ca57a5bcfc9e28a06cb92badb2c2cfd9277fe8f9fe8e191e9302586ef4c85a7
4e9ed7927e6cc04237ba74d8392e61794874c24222f9458cfaf84eafecaa9e3f
4f30bf27d89f0e86b984b0d2c1880ebcd7e5de33b4099c2f6626e5227451a07f
5043a9d369b106594f611ec24f8288fa9649e2a3b6ae5d1c45ebe83dffcd18ab
586180ffabe4bc075a68939300df1e3f95e134006a5acf5f6fe1df097835dd16
599226acfc98c6f7c1b12a06641f09139c9f77ed98bc33b7a3ce2d00d24541ac
599be2016f494e07542ac668bccc8d884eb95114d4ff2ce05eaaadbda238a0ce
5d72bb6e6fb092ac11ab8370ae1d69cea62c0818e93f3bc44c6b0994ec452687
5dc670860529e01c72928c846141b5720f0488bb4c692581b513f8373b90d74e
5e47e859b7c7a40c60019e974a39dab6061b0a0537bd373f3e1ce9fdebb989a8
641a7fa09e2ff23e3b718a91602cc291ada938fb293d6ea9b7a6029c443592a2
66af65c5a65e8fa5d590436e6297813023dc8a910f709aeae2fa317fefba23f4
6a24f2ae11b1d55250640ec8b06ac0250fd31e9466ea1c847d33f317369950ea
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
6e1f71b09a1de41dc109318bff4733fa7dfa6d03bf6b7fa9a994939274555dd9
78645fb323b5e199638e952ae1cfcc9a53e060fb0e5e6bc3fb8403b688b562c8
7baa20143a2e2d161f207d0818e9b1ef74ea805a5826cf6d2c3a50fb588ef606
8dcdb2b24313a56065f41d5ccfbe0ff1956b9782ab927b7370f9bbef3764cf7c
8f4d064aed7026c74cb476afb1c9d6261df0022f8f458c6593133ab9b69714d2
922a7a005a299daab272ef3b0c7106716572ece666c54c187ce6836b32474973
940b3908bf9fc263ff7a9640fd719a1a3ecca9e1224e9ce4758053fa01edbcc0
9458b59ec6049cd11748aefbc0ab96d19438a7f5fc8b396f706ce9c9708915a2
95733374504e8e845da251456aa6c21464b4b4bd925307f6ea339c1d41e825f9
982835a4f0cee037619e6343777d4bf896a0f351f64702d6bb739389bc948295
a17fbe061926545f3aca3861a27528edfa546db4f24f654c98758279913205dd
a3d89fb41ed6b19abd5bec8e822a0d4f63fe28ed04ddab4cfbcd6f0dd1e9787f
a9c4944823c39e9d382b307301ed56209872601b6fbe7df056955f0707257206
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ada8488a22e94920a72a5e789a89639d7382208eea54819207a65f2ae53f32e9
b119825100ce26236b32ef784b700c4c2733972de73f8189dd216900ddd0f3de
b2a0782d6138666f71472bf2b5a0d04f5a6a1aa352fa1fcac32d4bfa21da0a18
b47e9a518418e39669940647850294d6975474aacbe475dfbd9327a8488f51e2
b67c8814167f5a2f228c2d4dd21056b6f4babf4f156b7395c3be2c6bf33a12c2
b87c76cbc6963ce2330602163ca52d7bbafd5c0204d8aea43de2e10c6f663f64
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bbc9c2ef40cbad453421abefdd754c0b7d346e12598d93325b2dbfa75ba6a7d0
c8c36ef9b841a2a20fb3a19fda9a3f33ec0d93e9a92fd0355a24cf5de8e9bacd
cc1d65068031d612823e081af7c71475f7cc597a8e472352db4b49435ee31c0f
cea191842cc543420286b3ef53672d148801dbc5542cbf1b4322b63b615f9432
cf434b08b1af8fc207791bfe7101e996ecc5b6cf3a73b00c93646f5812e155fd
d2ba716cc3f4f68fafe8328dbf2d1699aff396c7099cada131cf4c5ac64868ac
d38472843f083d3dc466e3faefc5810bd745fefd04b9135cf260d543113d389d
df68562671455de583c5a77a6fd27c6e1842444fa92543b3a2a7d3d4044dbff3
e294bd49e8e46a86513c071011d60f6298145983fbe2addba826000a44b59e35
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e462e06285dc85320db0d2a59c7bf664a35acf1844aec3cd28bbe6a42b4b117b
e9a0e51d4775349106adce79e4de4e1aacb1a33738e80934cb20aaa2f6897066
ece4eb7b804cf30f7f04377d23b9367b646577e77841be96052306018f814cc7
f1acd643482613fe699e856db5d8b862a638da57c0d6d2489fa377b6ad88c257
f9940359fa40c9f6a9972aca3e071f12a966a0a0568b867c5c82dc9f361aaa11
fc03c9ffe3a3207e99d211aaece0df84a555521e84014ed3cb58e87e4109a208
fca9a04f32e2b2dc026e83a79afbc40770b9cb7f53adff19aa1594dfa9a58955

sao85.win Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

97 %HTTPS

50 %IPv6

12 Domains

14 Subdomains

15 IPs

3 Countries

9382 kBTransfer

11483 kBSize

8 Cookies

3 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sao85.win Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

97 %
HTTPS

50 %
IPv6

12
Domains

14
Subdomains

15
IPs

3
Countries

9382 kB
Transfer

11483 kB
Size

8
Cookies

92 HTTP transactions
3 data transactions