www.hello-win.live Open in urlscan Pro
2606:4700:3030::6815:5d05 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.hello-win.live/0.1703050076867143
Effective URL:
https://www.hello-win.live/0.1703050076867143
Submission: On January 22 via api (January 22nd 2024, 9:21:25 pm UTC) from US — Scanned from US

Summary HTTP 55 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 1 countries across 7 domains to perform 55 HTTP transactions. The main IP is 2606:4700:3030::6815:5d05, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.hello-win.live.
TLS certificate: Issued by GTS CA 1P5 on January 19th 2024. Valid for: 3 months.

This is the only time www.hello-win.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3034::ac43:c9d9	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	2606:4700:303... 2606:4700:3030::6815:5d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	23.48.224.75 23.48.224.75	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	23.48.224.134 23.48.224.134	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2607:f8b0:400... 2607:f8b0:4006:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2607:f8b0:400... 2607:f8b0:4006:817::200e	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42::485 2a04:4e42::485	54113 (FASTLY) (FASTLY)
2	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
55	9

1 2606:4700:3034::ac43:c9d9 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.hello-win.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:3030::6815:5d05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.hello-win.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.48.224.75 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-75.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.48.224.134 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-224-134.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
accounts.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80f::2008 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:817::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	hello-win.live 1 redirects www.hello-win.live	3 MB
9	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 5963 api.livechatinc.com — Cisco Umbrella Rank: 5415 secure.livechatinc.com — Cisco Umbrella Rank: 6663 accounts.livechatinc.com — Cisco Umbrella Rank: 7278	336 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	266 KB
2	gstatic.com www.gstatic.com	54 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	311 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	65 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	92 KB
55	7

	Domain	Requested by
36	www.hello-win.live	1 redirects www.hello-win.live
4	cdn.livechatinc.com	www.hello-win.live secure.livechatinc.com
3	cdn.jsdelivr.net	www.hello-win.live
3	api.livechatinc.com	cdn.livechatinc.com
2	www.gstatic.com	www.hello-win.live
2	www.google-analytics.com	www.googletagmanager.com
2	cdnjs.cloudflare.com	www.hello-win.live
1	accounts.livechatinc.com	cdn.livechatinc.com
1	www.googletagmanager.com	www.hello-win.live
1	secure.livechatinc.com	cdn.livechatinc.com
55	10

This site contains no links.

Subject Issuer	Validity	Valid
hello-win.live GTS CA 1P5	`2024-01-19` - `2024-04-18`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-08-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.hello-win.live/0.1703050076867143
Frame ID: 83091CC2CCC203E8FDAAE1EEA69959C5
Requests: 50 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=15629673&group=3&embedded=1&widget_version=3&unique_groups=1
Frame ID: E63E1ABB626173991BBEA5549EF8B1C0
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hellowin Casino - the best casino in philippines - hellowin login

Page URL History Show full URLs

http://www.hello-win.live/0.1703050076867143 HTTP 301
https://www.hello-win.live/0.1703050076867143 Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

55
Requests

98 %
HTTPS

78 %
IPv6

7
Domains

10
Subdomains

9
IPs

1
Countries

3464 kB
Transfer

14233 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.hello-win.live/0.1703050076867143 HTTP 301
https://www.hello-win.live/0.1703050076867143 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

55 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request 0.1703050076867143 Show response
www.hello-win.live/
Redirect Chain

http://www.hello-win.live/0.1703050076867143
https://www.hello-win.live/0.1703050076867143

4 KB
2 KB

325ms
261ms

Document
text/html

2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

67a0601a2c693943eaf70205d8bff77b3d7a0b2e411873682c7779a4b6b590db

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 849ad8722a214bbb-BUF
content-encoding: br
content-type: text/html
date: Mon, 22 Jan 2024 21:21:14 GMT
etag: W/"658533ae-f08"
last-modified: Fri, 22 Dec 2023 06:58:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T1uq5dJxjJstIgoG412eWFroLo3PUB9%2ByTjAOdwu%2F4brDzaNBmVke%2BA29yw6gTXOQbgOn4JswqtpoEXSjj27Pn1MA2fHrAyv3KAxqZa4RdcMJ6qIuqdsA5pUL7WFj9jMzDZU1s35i%2FPs6eDTeds2CZs%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

Redirect headers

CF-RAY: 849ad8717eb64bc3-BUF
Cache-Control: max-age=3600
Connection: keep-alive
Date: Mon, 22 Jan 2024 21:21:14 GMT
Expires: Mon, 22 Jan 2024 22:21:14 GMT
Location: https://www.hello-win.live/0.1703050076867143
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k6Q98MxynoAbRdFmxqs3hszCMo9fLhsswhjQzFLzXYHuyCcO%2FMLiqD5JyGxSdtNtw0y8CzAFnuY6%2BndGq%2FaurTtfe3v%2FPjXuzvPFCpIiVWIY9ky76ega%2FVuaHL3AF74yIE%2BDpYxL5%2FQ6KL6%2BBAmsj4M%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff

GET
H2 200 aboutMerchant.js Show response
www.hello-win.live/res/ 2 KB
1 KB 288ms
285ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/res/aboutMerchant.js?v=15878

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2eac29b202a9f065a4da967b86ffc0353ec3c56b76093099c18c56902258c8b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 22 Dec 2023 06:58:53 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"658533ad-7c3"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t9ueQdizcsDoIVO2LLL58e1mvyU8Bzx4tYdZ7JClA%2BrpAx8hVraL%2FTD5XLifcAR2rPxHQ59sBwZ6sA%2BVLZI4femu%2Fd%2F3UDAxprq8sHOvzXlMdMW4Uvd%2FT6CvkmQyslJOuV1Up64Q4wv1wguuVmLHpJs%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
cf-ray: 849ad873db224bbb-BUF
expires: Tue, 23 Jan 2024 21:21:15 GMT

GET
H2 200 encrypt.js Show response
www.hello-win.live/res/ 71 KB
20 KB 1019ms
1017ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/res/encrypt.js?v=8

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

692f26a453f9fc4cc53bb60c6e6b73600c978bc6406d4c3785b3d28f0f0658a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 22 Dec 2023 06:58:54 GMT
server: cloudflare
tl-proxy-cache-tier2: EXPIRED
etag: W/"658533ae-11a55"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfRKdpzdbRZZCt%2BVveDyxWSKie03bMHSaoH4jAUhAEzYU%2FPvDI63rVe3IBLFhDZXJQtZjLNa1oZBz7buGz7dSxgLxTVImDrygw7VGS%2BdjvxIkm5T%2F5v1hhhcI6jjpDIpmG28Y9F5ZMuOOSRbE3w23PI%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
cf-ray: 849ad873db234bbb-BUF
expires: Tue, 23 Jan 2024 21:21:15 GMT

GET
H2 200 vendor.360341570ba914c2035d.css
www.hello-win.live/res/css/ 168 KB
49 KB 350ms
348ms Stylesheet
text/css 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/res/css/vendor.360341570ba914c2035d.css

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

08ca846b640e3eed9a1bfc0ca0ea772e98fbd1a5521e2e31da8d7d43f388720d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 22 Dec 2023 06:58:53 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"658533ad-29f2e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OSAOTvVSFLWokWLcURelKqV9KMYiDj7SBGy8zCr736wJXI2j4fi0tnFY3k8bZ3KJQBuGM3e0Gy%2F0vSB%2FwnIIO%2Fs5p3o7L5apS7ctuLagX%2B0kkA3Q1dMo6xCJpgY5pPEfyalFBJpJeCvqI7At%2F88RfuY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
cf-ray: 849ad873db1f4bbb-BUF
expires: Tue, 23 Jan 2024 21:21:15 GMT

GET
H2 200 app.04713d39ab587796ebb8.css
www.hello-win.live/res/css/ 215 KB
75 KB 483ms
482ms Stylesheet
text/css 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/res/css/app.04713d39ab587796ebb8.css

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a994ac291ff03f767815f7cced278e47d026643277428fcff908df771e5805e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 22 Dec 2023 06:58:54 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"658533ae-35b86"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v1Sdgs%2BYWvJC9mZrsfpUe7k3D4L7yF8QqXF%2F3KXjnolvtw8AUhnf9PZ%2FDvvNWBUGTsABgbp0KjNh8nxfhdjYZuzhFR7CG71WwSX3u2j3WmZhg8zX3oOq8Ja%2Fz3eHZn%2FApgTFEaTuQOEGYErsxsoxU%2Bw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
cf-ray: 849ad873db204bbb-BUF
expires: Tue, 23 Jan 2024 21:21:14 GMT

GET
H2 200 vendor.2.c1fca7c.js Show response
www.hello-win.live/res/js/ 2 MB
562 KB 1251ms
1249ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/res/js/vendor.2.c1fca7c.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

412792b7bbe17e9819bdef353db9a1dc811fed37830dbf92253bf5a639203c0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:16 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 22 Dec 2023 06:58:54 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"658533ae-1ce09e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cOuHycp5qF6OXIg0JSMm2PzqTVfuwVHEK%2BLSCXCesbt0hRFVRnBTGj6ce%2ByUQx%2F0AUStMjj707rY4enNkJkMjLmDXTva9Q6gVw3%2BCFhpdMt7P6zCtVYFNqyhtU0EA%2Fh6yeDU98mfgZq%2B%2FF4rCbmMwhM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
cf-ray: 849ad873db244bbb-BUF
expires: Tue, 23 Jan 2024 21:21:15 GMT

GET
H2 200 app.a984417.js Show response
www.hello-win.live/res/js/ 526 KB
194 KB 640ms
639ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/res/js/app.a984417.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9c06c9d8b27a79773424307c95650e03aa129c2bcf80f39a81aa002450fd6bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 22 Dec 2023 06:58:54 GMT
server: cloudflare
tl-proxy-cache-tier2: REVALIDATED
etag: W/"658533ae-83716"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLmzq518QVTznlJJRc4nPb208XIyLXlUR7gC4EkGPgaitb8FJ%2FnpRRYpJmQ8WN6bsajLHrM7mUYYKIJrCWxzbQzm6oLYvKr8B8gO6u9F9V%2BAJg9jjBbJtBAwUwyrWIkbkcGrFVnfCVIXmYB2QN1s1og%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
cf-ray: 849ad873db254bbb-BUF
expires: Tue, 23 Jan 2024 21:21:15 GMT

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 89 KB
27 KB 140ms
27ms Script
application/javascript 23.48.224.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-75.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e6302e608e935894e6644a54c841c53ff3bde0e5182110a2f171c94040450214

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: btrutFg1LjSN_rt1Q7UmYrB_Z6eOSUOk
content-encoding: br
date: Mon, 22 Jan 2024 21:21:16 GMT
last-modified: Mon, 22 Jan 2024 09:44:14 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: W/"81e47ae1363dbd6cb1f296a72829fd2e"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=28800
x-amz-cf-id: yt_hAHco8CISJSBgWwFLWhirtk6wouiH_Hb60M3IomYw7mGJN5WskA==
content-length: 27403
expires: Tue, 23 Jan 2024 05:21:16 GMT

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 392 B
582 B 413ms
293ms Script
application/javascript 23.48.224.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=15629673&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.hello-win.live%2F0.1703050076867143&channel_type=code&jsonp=__i0a5smn2ylj

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.48.224.134 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-48-224-134.deploy.static.akamaitechnologies.com

Software

Resource Hash

c8a2aeacb857b44ef9d506b4626c22b746289845b1ae46eb3e7c4aa4fbfa6cbd

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://www.hello-win.live/;
X-Frame-Options	allow-from https://www.hello-win.live/

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: frame-ancestors https://www.hello-win.live/;
date: Mon, 22 Jan 2024 21:21:16 GMT
content-length: 392
vary: Accept-Encoding
x-frame-options: allow-from https://www.hello-win.live/
content-type: application/javascript; charset=UTF-8

GET
H2 200 lib.js Show response
www.hello-win.live/common/v.1.0.1/ 6 KB
3 KB 126ms
50ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/res/js/vendor.2.c1fca7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

adb1199df40b1e1404ec54a7f2b5f1aed2b20aa0a3048bdfee4e23457959fb43

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:16 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Tue, 09 Jan 2024 10:49:28 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"659d24b8-18e1"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yIH0hcfPHVj%2B3mzrEZPBWNThzAfdbnSUvdCp6W%2Fv2wcpm8Pzqub1pcqpdmVVHnEkYRoebxC9ccKJv5wXm%2By3H8Cj4%2Fxw0jg2SyBaGWqylrKLhpUHo3l8JY7oPRntv0LmyIs0%2FNaNY2zrKh7myPjM6jk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad87f2aa34bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:22 GMT

GET
H2 200 status Show response
www.hello-win.live/wps/system/ 29 KB
5 KB 378ms
306ms XHR
application/json 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/wps/system/status?url=www.hello-win.live

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/res/js/vendor.2.c1fca7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ff19b7667d10a375b4c4b0b8e06b39f5a05e315ea322408dd20b07cbeabe16f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-Gateway-Version: 3
Language: EN
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Merchant: luckytime
Accept: application/json, text/plain, */*
Referer: https://www.hello-win.live/0.1703050076867143
Device: web

Response headers

date: Mon, 22 Jan 2024 21:21:16 GMT
x-module-id: COMM3
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
content-encoding: br
server: cloudflare
x-app-trace-id: rbs8jzu050
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aYDp655aOMsZ8dJgR0lM5v%2BMuKwjFcD4JmtoGM8KSk9lX6MjrUN13tIhHBwAgoUTHu3s9Dbwj1RV71qE1TB%2FjMUxn5j6blhNlf7kg8MyAcnCXCPEdSdDDz5zA8qeb%2BfwmXq%2FMsUb72rJQ4eEbk05iaQ%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
cache-control: no-cache
cf-ray: 849ad87f2aa04bbb-BUF
x-robots-tag: noindex,nofollow
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time: 23

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 4 KB
2 KB 151ms
130ms Script
application/javascript 23.48.224.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=9bb9fa14-a465-439a-b77f-c64b877a15e2&version=253.0.1.26.258.11.1.1.1.1.1.1.589&group_id=3&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.134 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3402e803111d16fdca42f3031ac3e050a752abfb866bbd84364590839cdfd197

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:16 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=600
content-length: 1424
expires: Mon, 22 Jan 2024 21:31:16 GMT

GET
H2 200 manifest.json Show response
www.hello-win.live/common/v.1.0.1/manifest/ 2 KB
1 KB 758ms
757ms XHR
application/json 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/common/v.1.0.1/manifest/manifest.json?_1705958476714

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3142639f70994db6ad9fb83b833bd80299563dc4ae5fbb4579a6f2b6cbaf6f05

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:17 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Tue, 09 Jan 2024 10:49:27 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"659d24b7-823"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/json
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DtlB2idsEqsjVjf3z5Jg9iTbqCVDe7WYrsWh8kEIWOXbrXHMfMtjzMhrPtcTlSngHKhJTkMNhvCi7qmr9kJsGPk57kmHtYMyfhvLxr1pimpJPAAT11R1lIg50L%2BVKVSdOSmUE7jHc4wplYjs%2Fab5aHA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad87f8aee4bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 23 Jan 2024 21:21:17 GMT

GET
H2 200 open_chat Show response
secure.livechatinc.com/customer/action/ Frame E63E 9 KB
3 KB 243ms
216ms Document
text/html 23.48.224.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=15629673&group=3&embedded=1&widget_version=3&unique_groups=1
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.134 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 56282dce88b556f4c7e77f7d7351eb231c8d5698c12241b89740718e21d4da27

Request headers

Referer: https://www.hello-win.live/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 2616
content-type: text/html; charset=utf-8
date: Mon, 22 Jan 2024 21:21:17 GMT
vary: Accept-Encoding

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 11 KB
4 KB 230ms
228ms Script
application/javascript 23.48.224.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=9bb9fa14-a465-439a-b77f-c64b877a15e2&version=075b79d72a19c7c515c01775c17428ae_076db64c6bae5b48e0b75c11b5c8860a&language=en&group_id=3&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.134 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0265fdb3fb4d916a86cdb1f90e30e1f9920933fe955d00351d38cdbf1a671c04

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:17 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
legacy: 2024-05-31
cache-control: public, max-age=599
content-length: 3842
expires: Mon, 22 Jan 2024 21:31:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 276 KB
92 KB 313ms
70ms Script
application/javascript 2607:f8b0:4006:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9TH6SBLD1E

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/res/js/vendor.2.c1fca7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80f::2008 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

541f1eff4faffeb9316e75654dc53d117ce119c1f31aed3d2c5c11ca52b3d868

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 93413
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 22 Jan 2024 21:21:17 GMT

GET
H2 200 country Show response
www.hello-win.live/wps/system/ 5 KB
1 KB 862ms
861ms XHR
application/json 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/wps/system/country?

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/res/js/vendor.2.c1fca7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

92d4207ac2f79a9b12eccfd308b93b3f65baf2621b90a14a09d585a4aace4ea9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

X-Gateway-Version: 3
Language: EN
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Merchant: luckytime
Accept: application/json, text/plain, */*
Referer: https://www.hello-win.live/0.1703050076867143
Device: web

Response headers

date: Mon, 22 Jan 2024 21:21:17 GMT
x-module-id: COMM3
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
content-encoding: br
server: cloudflare
x-app-trace-id: h8t54wr050
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
content-type: application/json
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qAqCxg9nzk%2FZH4%2BnUKO7wR%2FSKTy44rE8t3R%2Boxhl%2B6dKrK6zHisry5WX77tsqaAy6ECQvBAEAfdStGwCFm38iAJqTf1hwlNpif6ljmG0S%2B%2F8ayLkdY9kFigKRQ%2B7JRuWVEmbvtq9J9TYnC0q5G%2F7oOo%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
cache-control: no-cache
cf-ray: 849ad8821cc04bbb-BUF
x-robots-tag: noindex,nofollow
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-elapsed-time: 4

GET
H2 200 0.3c281e77.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame E63E 46 KB
15 KB 61ms
17ms Script
application/javascript 23.48.224.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/0.3c281e77.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=15629673&group=3&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-75.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 6b1882751538bb6b1f01255645871ebd2a04fc619f45be11d6e16579c58f3a8e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: s7JOmISLwwgpEGiaMl95Z3wzNjv8vXC8
content-encoding: br
date: Mon, 22 Jan 2024 21:21:17 GMT
last-modified: Fri, 12 Jan 2024 09:52:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: W/"502a11f37bddde8d4dc417fdb3443809"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: v_FMzHx__w8uunpibaLX21_WRx_QyvvgAH3ZTamAzspa5qX5bEfJ5w==
content-length: 14898
expires: Tue, 21 Jan 2025 21:21:17 GMT

GET
H2 200 1.c5733af0.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame E63E 209 KB
65 KB 71ms
28ms Script
application/javascript 23.48.224.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/1.c5733af0.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=15629673&group=3&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-75.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3e87b498af31b3820c0417ffe42e44d18d30319d22f9ff0b75b97b3efb96e89

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: j43VEgBEM.sbXBnegw.xhJBy9_6kCrLW
content-encoding: br
date: Mon, 22 Jan 2024 21:21:17 GMT
last-modified: Fri, 12 Jan 2024 09:52:27 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: W/"4e97b2e808b7892b134b18c7e0f914f7"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: a9bVnKukNXPg8b3vieS_DhPkAqDSN_PfW0ZfbvakW5Eq4yIAPAUsiQ==
content-length: 66229
expires: Tue, 21 Jan 2025 21:21:17 GMT

GET
H2 200 iframe.14bbce79.chunk.js Show response
cdn.livechatinc.com/widget/static/js/ Frame E63E 809 KB
219 KB 99ms
55ms Script
application/javascript 23.48.224.75
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/widget/static/js/iframe.14bbce79.chunk.js
Requested by: Host: secure.livechatinc.com
URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=15629673&group=3&embedded=1&widget_version=3&unique_groups=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.75 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-75.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 38e6fb13cbf6f8d071deb366000f09b1a5e5857ce7539477de679df003748ee7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://secure.livechatinc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: TBojzFl72y90nZXsCOls8gymc5cUhXB4
content-encoding: br
date: Mon, 22 Jan 2024 21:21:17 GMT
last-modified: Mon, 22 Jan 2024 09:44:17 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P3
etag: W/"4f8e97c5cba7d894b1f967c1cde24a09"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-amz-cf-id: 22jRDj_cIJPFCcLFXZhfEdqKoAnaxh-ZHAKZZA_8BeqwiyFuw_Ugrg==
content-length: 223998
expires: Tue, 21 Jan 2025 21:21:17 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/ 85 KB
27 KB 107ms
35ms XHR
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.7.0/jquery.min.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 316926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27437
last-modified: Sun, 07 Jan 2024 20:26:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "659afac8-6b2d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T3eRYYopkZGv64fvgTd4y3wi4IlN3I%2BHI7itruyUugkejshOeAqLFHiL6PV%2BCYj8KMbNVnOr3AFh1Qx8hZc%2F%2FtRODMHa0ZH4YC54mcJVUm1QYt90hVjjgfVyzxkwzrQWSsvqaNmG1zwGF2Nsg1Ss95tK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 849ad884ee8f4bc1-BUF
expires: Sat, 11 Jan 2025 21:21:17 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
257 B 113ms
44ms Ping
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9TH6SBLD1E&gtm=45je41h0v9165816372&_p=1705958477483&gcd=11l1l1l1l1&dma=0&cid=1135425600.1705958478&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1705958477&sct=1&seg=0&dl=https%3A%2F%2Fwww.hello-win.live%2F0.1703050076867143&dt=Hellowin%20Casino%20-%20the%20best%20casino%20in%20philippines%20-%20hellowin%20login&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=3124
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9TH6SBLD1E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:21:17 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hello-win.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 token Show response
accounts.livechatinc.com/v2/customer/9bb9fa14-a465-439a-b77f-c64b877a15e2/3/ Frame E63E 195 B
1 KB 1308ms
1272ms XHR
application/json 23.48.224.134
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://accounts.livechatinc.com/v2/customer/9bb9fa14-a465-439a-b77f-c64b877a15e2/3/token
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/widget/static/js/1.c5733af0.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.48.224.134 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-48-224-134.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c0cfff3899ad54434c7454e4d389e7baeba6ed1062cf72d13c33be356f7f938

Request headers

Referer: https://secure.livechatinc.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:21:17 GMT
content-type: application/json
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 195
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lib.core.min.86447f80.js Show response
www.hello-win.live/common/v.1.0.1/manifest/ 583 KB
166 KB 63ms
57ms XHR
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/common/v.1.0.1/manifest/lib.core.min.86447f80.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b8accda417737b92d5c583ef869c9339c25ccf30a95745b619afe2581b4c16a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:17 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Tue, 09 Jan 2024 10:49:27 GMT
server: cloudflare
tl-proxy-cache-tier2: REVALIDATED
etag: W/"659d24b7-91b0d"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqsF6XsIbWzuxQbS6sU2xmY8AdFujhLH7zGqiDkkw7XzWs%2FzQ5Xbrw5PbPXm8YRt68xuUUFaEQm3b8KI0NW%2FMnEhS2rWAPUMU19wYaf4XvbtUmbZfjMJAn9MSgTTYXPIIFuODcFZv6UpWn7e6168jGA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad8854f0b4bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:23 GMT

GET
H2 200 lott-js.js Show response
www.hello-win.live/lotto/lott-common/ 574 B
847 B 292ms
289ms XHR
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/lotto/lott-common/lott-js.js?_=1705958477625

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e81b65d480dc33ef815956230ab23a24fa841c6ffeea72d4d09bfa398f076740

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer: https://www.hello-win.live/0.1703050076867143
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Thu, 18 Jan 2024 20:31:51 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"65a98ab7-23e"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fm1j0x7%2FGvBqjybypKOjhSzB1yPGBi%2FcJQ3AtM%2BHgbbZLv0O2aR%2BGUub%2BIiX4sTtOuJy4RbI%2F1CWaulHKPIO%2B6NTCrfs%2B6rpAoja5foj7BOEx84KMPy1PsTdKwckFYNyYg8%2FQEUr6K2ndqHOr%2Bk2NTc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
vary: Accept-Encoding
cf-ray: 849ad8866fbd4bbb-BUF
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 23 Jan 2024 21:21:17 GMT

GET
H2 200 index.js Show response
www.hello-win.live/mc/v.1.0.1/ 12 KB
3 KB 623ms
620ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/mc/v.1.0.1/index.js?_=1705958476580

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/res/js/vendor.2.c1fca7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

babddc0ef39d42de434db62636b5abf9afa0ebe52b90140817cea21a2f19aa8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:41:12 GMT
server: cloudflare
etag: W/"65a9e148-2fc2"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yWOL6Yi82vuDPfpsSsPcmVYe6mdxYab62TV0xy0XgxknJ%2F0ra19w1%2B3wBRUBdTwITjAl33HJQexNnSO3w1aYYQhKNY9y7LGTjwi4lIffRDHlJQqVo1hHNtKv2GjJdBHnvo5Dzyw5ADqehYO%2B%2FZWv32s%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
cache-control: no-cache
cf-ray: 849ad8866fbe4bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 23 Jan 2024 05:21:18 GMT

GET
H2 200 index.js Show response
www.hello-win.live/ac/v.1.0.1/ 18 KB
4 KB 294ms
290ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/ac/v.1.0.1/index.js?_=1705958476580

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/res/js/vendor.2.c1fca7c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7806638cf6df5d6994d20cd0bd73c1962d984a791a8d31c300eb61768cabbd64

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:42:02 GMT
server: cloudflare
etag: W/"65a9e17a-48e6"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3e561gq%2FTVYpTzDv4xENDwCRgFMdWyEVCPVS7m5WnWq3%2B2j6M7H9x7tMDD0ki2oVGrMLOUgCY2QUflJWIh%2BCqzip93UP83atbqS7tNQMXYwHaYjmJkGzXL8%2BJktgE3VJmMWXJy7zpXfRoTFQJAcwDI%3D"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
cache-control: no-cache
cf-ray: 849ad8866fc14bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 23 Jan 2024 05:21:17 GMT

GET
H2 200 lib.core.min.3234269c.css
www.hello-win.live/common/v.1.0.1/manifest/ 256 KB
88 KB 53ms
52ms Stylesheet
text/css 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/common/v.1.0.1/manifest/lib.core.min.3234269c.css

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e496561bf529679aecc8a98caf8451811766fca87ec95e8392969c0bf2c9966

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:17 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Tue, 09 Jan 2024 10:49:28 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"659d24b8-3ff9d"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: text/css
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sEq0lhFJ10YJNWruhs2npBF8jV97r%2BOtW1JsnfYfdn8nk9jkRi4UV1J4ZgGfJQI923jyl0A5nnSXt2sr3LEWYg5MdZhIgV5AAm0g5ctLb3nrY%2F%2B5ZV%2F7iBk7T%2FtlnMIt9PlpJ16pzuORkfA%2FIEZSRMk%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad8866fbf4bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 lottTranslator.55f9174d.js Show response
www.hello-win.live/lotto/lott-common/ 1 MB
169 KB 319ms
306ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/lotto/lott-common/lottTranslator.55f9174d.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4d62d054aeb08e52c310ead34221d79182c1661a38bf9b0b51b9b6ed86fd97

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Thu, 18 Jan 2024 20:31:49 GMT
server: cloudflare
tl-proxy-cache-tier2: REVALIDATED
etag: W/"65a98ab5-1007d2"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BzQQwLf7unvVEuvrSau5dJiigAFkpJ30%2BZOo9X0pNvCMzjkvEZQFIJrVwHsoXZVLp6X%2BKmJW78L0o0v0HrIxzmy6EANsytR7vJ%2B1b1dadkH5yu37RO2dnqGLXQ5sNgAx02DKGnwOKs%2FfZ1cKchDjmfc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad888594e4bbb-BUF
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 23 Jan 2024 21:21:18 GMT

GET
H2 200 bettingCompress.e06b16ae.js Show response
www.hello-win.live/lotto/lott-common/ 863 B
952 B 313ms
301ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/lotto/lott-common/bettingCompress.e06b16ae.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e99b40f0dda604dd968dc35ead909e20ef17c6f9e007cbbd784147527b7d6d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Thu, 18 Jan 2024 20:31:51 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"65a98ab7-35f"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SFklyVOEkG2oGlbZnD94WKDE8goy0ut525F03MohM2wauPO%2FqQdLqgmV1hkmZdIBke9KTFdF5kA6MSI1XjHTUL%2Fr%2BCtywb9lv6wj7X91bBGBreczG39U%2FxMDerYfj%2FezyWSY2CyJqdD53pWFB9xJb8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
vary: Accept-Encoding
cf-ray: 849ad888594f4bbb-BUF
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Tue, 23 Jan 2024 21:21:18 GMT

GET
H2 200 decimal.min.b4a075bd.js Show response
www.hello-win.live/ac/v.1.0.1/manifest/ 13 KB
6 KB 64ms
53ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/ac/v.1.0.1/manifest/decimal.min.b4a075bd.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25dd4d16d5fd3c4ac796badcce3ec057d92c52255f8d8481570fb54549dac5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:42:01 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"65a9e179-32f3"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UA7k0OfacnAYUnIrzvxx3zCr%2BtPeDOmL4blS4HOLfSObrxV7%2FNZaAy6HNPhpceg7cF9M6ZRqj5DyEyzNb4bLua026sYnIhZqSLgTHcBk6EZLzDy4k2ioFi9Q9FnXGFfggUjTOT9jdMF17Se%2BRUr8mFc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88859514bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 ac-wps.9890b8fa.js Show response
www.hello-win.live/ac/v.1.0.1/manifest/ 49 KB
7 KB 75ms
64ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/ac/v.1.0.1/manifest/ac-wps.9890b8fa.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3948ec08f83c6fd33f666351d4a56dfddc91a431a7bda2ec07eb5fba49aaa282

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:42:00 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"65a9e178-c2c8"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kkPhg2AOEc%2FUc6KEfO8nVCe%2BYblRWhdqDcqhGvumBWy%2FTfnbAROebYbh%2BwX8mdqz4jcLZOLdHlQdylI8cy%2F9bFj8wnY0yKJAx8yg4o58ls4AMG2lKT%2FHmqPIp6Jp%2BPL4AKBnNHNOI%2FzpHuZqRI1K3A%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88859534bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 ac-properties.e0d6a7d5.js Show response
www.hello-win.live/ac/v.1.0.1/manifest/ 1012 KB
221 KB 65ms
55ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/ac/v.1.0.1/manifest/ac-properties.e0d6a7d5.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dda9d58348cfe750ea71c9008d4afc57ec51928a254ca20610639ab5b86cf630

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:42:02 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"65a9e17a-fd184"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q3325PXRCMcdPNXlkRvNTwioX11HAh7rRaTfw9cPcEC5zTqw7s570ap5QJucQR%2F0IQ3ewp9HtUE2RFiLnuUAX%2BkyslRiUpRQt8Dw39CXVQDAW8dHS9jDd7fGMyfR49Vod6guH4jdeKs2%2F%2BI6hyDiER4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88859544bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 ac-control-shanshan.fb20e597.js Show response
www.hello-win.live/ac/v.1.0.1/manifest/ 847 KB
139 KB 98ms
88ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/ac/v.1.0.1/manifest/ac-control-shanshan.fb20e597.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f5b940e2d692760759771d3accdc190550cf9af1aabf55ec8c7405cac5f8207

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:42:01 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"65a9e179-d3af8"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jHKNuoS%2FXuDiaefCHxu5z5YdavtItqoL%2B6bC8SmLThAVGCt8vPM4t8JG17ux%2B26rvT2VsNsd%2FRN%2FGMTlUSzNNRI5g4yqW231SMHsekqGBLLCeFrgsuIsIm1%2B6OIT7E6UAZnEvGQDHH1A81FhOaiAqiM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88859554bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 ac-ui-shanshan.4fd61a57.js Show response
www.hello-win.live/ac/v.1.0.1/manifest/ 426 KB
52 KB 62ms
52ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/ac/v.1.0.1/manifest/ac-ui-shanshan.4fd61a57.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7cfcb29cfa59d1b222ed9b13139749220004e8c1cca3892328981e88788bc71

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:42:01 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"65a9e179-6a8ff"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ln23K0DGIZkMYaPvctcfnb1utbYipv6Evr73iMJ8LmASk%2Fxo4n8CY5Wu%2B3iSiAdOQfs5XsIcIlig48gDGQdyNeAukh2agN%2B9m3%2Bdf1zRYrzMbRX317NJRqem0KXuH5MFhk6WczcC08vmb4shJsAFzEc%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88859564bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 numberSeparator.c1a7cda8.js Show response
www.hello-win.live/ac/v.1.0.1/manifest/ 1 KB
907 B 63ms
54ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/ac/v.1.0.1/manifest/numberSeparator.c1a7cda8.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

09ec284902e03eafd6692269a225c7b146f10f94afb50b11c49ff795635065fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:42:02 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"65a9e17a-537"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgOD6e51vbyXaJh%2FgizFsdNFcnM2%2B6rU3OYZMki1FwYj6Aft9gUkE6raOhEitoffdsFa356wspvUmSjxA0ZBAX3kFr2FPvtCeZcWJK2fm%2F93fBiye8dQpBzeu%2BEyBGd5QuJoE0dOJ1M5yR7YN0KSviM%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88859574bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 ac_shanshan.ab8f7359.css
www.hello-win.live/ac/v.1.0.1/manifest/ 858 KB
194 KB 114ms
106ms Stylesheet
text/css 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/ac/v.1.0.1/manifest/ac_shanshan.ab8f7359.css

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

295daac195845375a8838101f21e21436f0195d89f4912d52b7a5bed202b20ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:42:01 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"65a9e179-d68b5"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: text/css
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fgc%2B2rLaEy7%2FERE3rFLTWdEe8wkjBqOKndfuoumpFwM75u69MuRLLyJT1xWHLBXh%2Fjrp54wA11BUhb7vFCfY%2BoyzQDGhsXXbJnLLxgkpcHfvxWJrSrxNeLsxRU8ZiyxnF4eUwPKfGmCzlMy5ivuHYRw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88859504bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 g2.min.js Show response
cdn.jsdelivr.net/npm/@antv/g2@4.2.3/dist/ 865 KB
218 KB 288ms
33ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@antv/g2@4.2.3/dist/g2.min.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2cea25f3456374b0b3c31f35c6d9b78e638bc26710e8373d9a383ce703c88d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 21:21:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 4218854
x-jsd-version: 4.2.3
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 222762
x-served-by: cache-fra-etou8220053-FRA, cache-nyc-kteb1890067-NYC
x-jsd-version-type: version
etag: W/"d82c5-eSJeFdMsBDXE0ShH9a6Jvs4xKt0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 dirty.294caafc.css
www.hello-win.live/mc/v.1.0.1/manifest/ 88 B
522 B 77ms
49ms Stylesheet
text/css 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/mc/v.1.0.1/manifest/dirty.294caafc.css

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b0b5c66c39bbe4ade93ebb6218e3ebbce3a9d3b4cf8b749300a78f577445ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:41:11 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"65a9e147-58"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: text/css
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SGeVrCic2vcwtncsMBQCJsBPMOnsASIRBNW3GWK7QDIOMurTa0UVX6GEX2pHftFdVrLeoCLW9SPm5OAfWtdR0fG9rNHJGPAOJblN027W%2F9nXjIyQ8CX1GQ1vGXyfgJ6dlNO8CDgK%2F%2BIoepC8O0nky%2BE%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
vary: Accept-Encoding
cf-ray: 849ad88a7a914bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 qrcode.min.d519b59b.js Show response
www.hello-win.live/mc/v.1.0.1/manifest/ 19 KB
7 KB 87ms
60ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/mc/v.1.0.1/manifest/qrcode.min.d519b59b.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

45fde897a3b2aa4f9c051020dfa53cd7cf25aafa152a68757c1bd474837446ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:41:11 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"65a9e147-4c14"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9Igz28MBfUbOvsMQQzCEZZJmgxE%2BBVa4n1c4QmuH5x1ELRz0AD%2BuVqpcq8kYjo%2FOdgM2WJ6jQ3I4gXD6Cd44UL4OdWLTPTU8hqaDGe3hxA4lbvtUSPkYMDuNTT6qRka5r3uOBcep9VuxbJFjJbFUOY%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88a7a964bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 slider.d420e4d3.js Show response
www.hello-win.live/mc/v.1.0.1/manifest/ 32 KB
7 KB 81ms
55ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/mc/v.1.0.1/manifest/slider.d420e4d3.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7062323b9c3f6fbc07887ff7baaedb379d6836e7bfe70d7747025729598ab49f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:41:11 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"65a9e147-7e10"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJ1Z7RX9mgmBaG5pV9Xfc6g%2ByTkpQVfgxzyEq3WS90%2BWsbHUBvUoTgkcwHhmrlGAb8wkUPfM31%2FiuwE5fDQCA6kyeaQdJgRwWeYlwRtUbGGBJNAcEcVtkqu%2BNKLq%2ByHNkjUE0zmDkMw00gWaCwXppkA%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88a7a974bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 mc-wps.7febc2bf.js Show response
www.hello-win.live/mc/v.1.0.1/manifest/ 53 KB
8 KB 100ms
76ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/mc/v.1.0.1/manifest/mc-wps.7febc2bf.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

707dd7199cd913a0e53621096bd383a21de0a1428a03ce795912955f6f58c5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:41:12 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"65a9e148-d2b1"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qq7Wk8eZ%2FaHYDykci045cI6Zu72kf%2FQ%2FucmzScrA59JLGZutrCTxWTNbz5p4HAqkM1lGBit%2FdUa%2BWvqcgBhUqfMIEYXdm1sAXAQM68sJBwWj6BK43PohnquZdFxaZ0%2FfWXO9QkYNy2HJcFMHStip0V8%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88a7a984bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 mc-properties.54ed77dc.js Show response
www.hello-win.live/mc/v.1.0.1/manifest/ 1 MB
301 KB 80ms
57ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/mc/v.1.0.1/manifest/mc-properties.54ed77dc.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3718e4e2d63f5ae608970d9263ba151cbf9f8dde248478fd3505c5ecd1a4f14e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:41:12 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"65a9e148-173935"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6s2M2xq9wMNa0zAQk86sqgQ6xnPlLSPolZTNW2FbijAqqdyjUA8JsUn4sPnO%2B4emPWS4G1Rn%2BNPEysP7l2C%2FJgL9XmXJfw2e73mNHP5ShXOY%2BJNF7zKgBGvWiNcY4gkje%2BAfG%2Fg1ArGZRTmOi2fkMw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88a7a9a4bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 mc-control-shanshan.4212f469.js Show response
www.hello-win.live/mc/v.1.0.1/manifest/ 949 KB
176 KB 83ms
61ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/mc/v.1.0.1/manifest/mc-control-shanshan.4212f469.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d35f057332ebdba76de554af8e9a2271638de040d152ceb22da780ddba8f32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:41:12 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"65a9e148-ed415"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6CRpUP%2F%2BS9iqV2thvbNX0LlHekJCR6A%2BdoGJYUyHIOEMb7P%2FBH8IjJR8JLx%2FVqTLUmUhGIlvm35e%2FS3MlumRnorF%2BC6y1Lg5To%2B6%2FDRc42M6V0wcEciVcp38GOr98blQ8wTo1oaiQHyojvtGTCRvGEo%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88a7a9b4bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 numberSeparator.b2742297.js Show response
www.hello-win.live/mc/v.1.0.1/manifest/ 1 KB
902 B 76ms
56ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/mc/v.1.0.1/manifest/numberSeparator.b2742297.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd9aa3632fcc3098b18888bc203868864fc1379e787f421ee5266d63fabf0ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:41:12 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"65a9e148-537"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eiL0wWLSM6JMmX2PTVIYlew%2BRtrdToxuRLJXIblxHEFr5P01jiFtBfKi3hyv6vaUZZOYLrvyhv44MgH%2BhIDo8tYwL83kMBUW%2FeLLEyc6KllcClOVqkcVSYmDKWiFxsMOSrFs2CPrbqm%2Fq7Q%2FnCS7y70%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88a7a9c4bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 mc_shanshan.b2e48099.css
www.hello-win.live/mc/v.1.0.1/manifest/ 710 KB
161 KB 88ms
68ms Stylesheet
text/css 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/mc/v.1.0.1/manifest/mc_shanshan.b2e48099.css

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6313abd665033b975e8a31a6e00f9e7191e612f880c8227720eb352b63338f67

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:41:11 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"65a9e147-b198b"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: text/css
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K8k1Ul0deMjHgBFBBPh1NOKyF3fvEK6l2C1lxIJbkzG1700O5tLbvGQmsXY2%2B8YQd9iV0Ju6EV0qS5%2BbQGTGM8Djf0k06ybDX92j7Tu1SWckS4wZygaowJ89aa5VxqPPSt8%2FMysYqg48BuuJKT6m6ds%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88a7a924bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 mc_icon_s.0fd68d55.css
www.hello-win.live/mc/v.1.0.1/manifest/ 47 KB
26 KB 72ms
54ms Stylesheet
text/css 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/mc/v.1.0.1/manifest/mc_icon_s.0fd68d55.css

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58d51b59248c18d27839d3073ffc1d6e5f5077d53edefb17bc375561ee5350d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/0.1703050076867143
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:41:11 GMT
server: cloudflare
tl-proxy-cache-tier2: HIT
etag: W/"65a9e147-bd5d"
vary: Accept-Encoding
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: text/css
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mZnbgyOKZGDNx3wQgr%2BBNE7GWbz9GQPZItv%2Bhtcy2lhW38Y%2BSoKLWVhLs7vxVuY0KaaDOXFNzDrSrMwzVqaME8MkATCF3gxkpPrLfWxFL2teKMW7sdvGdJrOK3jLtSeBXMoXgyFnoC7ihinO%2FMTHAY4%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
x-frame-options: SAMEORIGIN
cf-ray: 849ad88a7a934bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 swiper-bundle.min.js Show response
cdn.jsdelivr.net/npm/swiper@9.3.0/ 136 KB
40 KB 49ms
30ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/swiper@9.3.0/swiper-bundle.min.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4651353cb061bc4c99cd04687a305193ecc7d4842aabf453914a59eab46781f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 21:21:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 5924564
x-jsd-version: 9.3.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41001
x-served-by: cache-fra-eddf8230034-FRA, cache-nyc-kteb1890067-NYC
x-jsd-version-type: version
etag: W/"221af-Y8Fk6ieasqc10zeyVaJWvuedoKk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 html2canvas.min.js Show response
cdnjs.cloudflare.com/ajax/libs/html2canvas/1.4.1/ 194 KB
37 KB 124ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/html2canvas/1.4.1/html2canvas.min.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/common/v.1.0.1/lib.js?mc_t=shanshan&ac_t=shanshan&version=v.1.0.1&ac_v=1.0.1&mc_v=1.0.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e87e550794322e574a1fda0c1549a3c70dae5a93d9113417a429016838eab8cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5140931
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 37629
last-modified: Sat, 22 Jan 2022 18:00:32 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61ec4640-92fd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NGDv4F7ND0LDcSCUGrWXBD7PhVDkMGcQITGVwkfqqYj%2Fk88M50NWbVlAtIUN7Gz6x1HPXfxR3KIHiEy6QmhzG0Q1ZuvUKT61mgjsUhYCE%2F6bNTzZRvutN5dgCJFiJDmfF6EiEu1CvjFa57%2BCPZ4TGtPh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 849ad88afda26aed-BUF
expires: Sat, 11 Jan 2025 21:21:18 GMT

GET
H2 200 external-module.cb963217.js Show response
www.hello-win.live/mc/v.1.0.1/manifest/ 426 B
636 B 62ms
47ms Script
application/javascript 2606:4700:3030::6815:5d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hello-win.live/mc/v.1.0.1/manifest/external-module.cb963217.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/mc/v.1.0.1/index.js?_=1705958476580

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3030::6815:5d05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7760263cba6848749e6cc9376f0d4dfc3485878240848a526ef56ebd804327d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.hello-win.live/0.1703050076867143
Origin: https://www.hello-win.live
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Mon, 22 Jan 2024 21:21:18 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
last-modified: Fri, 19 Jan 2024 02:41:12 GMT
server: cloudflare
tl-proxy-cache-tier2: MISS
etag: W/"65a9e148-1aa"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET,POST,PUT,DELETE, GET,POST,PUT,DELETE
content-type: application/javascript
access-control-allow-origin: *, *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZH4J8cGI1zRafJkbMNG7mEFfKqvV27J1OwcweMpT95SZaqgmlEW5hjLSvVKHhLLP6UG77sBVBvlgsrYk2rSaJB7nGPlM8UVGuBy2ln4pPSKO4lE7D501Sq4cOCZrw2pvzn0gLuq9en2sTWn11l09kRw%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=86400, public
vary: Accept-Encoding
cf-ray: 849ad88a7a944bbb-BUF
access-control-allow-headers: Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Merchant,Authorization,DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 22 Jan 2024 22:25:28 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/9.14.0/ 90 KB
21 KB 186ms
26ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.14.0/firebase-app.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fbb03aabc125045ee2d98be69199bcc01b9cb22aa2e438ab7422303622e0f09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hello-win.live/
Origin: https://www.hello-win.live
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:49:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 286285
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20513
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 21:00:22 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 13:49:53 GMT

GET
H2 200 firebase-auth.js Show response
www.gstatic.com/firebasejs/9.14.0/ 115 KB
33 KB 230ms
71ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.14.0/firebase-auth.js

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77eb87926cbc4ca21f9da2a1d9290abe1cc08683d401d0e08a7aabd6447b3982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.hello-win.live/
Origin: https://www.hello-win.live
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 13:30:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 287462
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33722
x-xss-protection: 0
last-modified: Thu, 10 Nov 2022 21:00:29 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 18 Jan 2025 13:30:16 GMT

GET
H3 200 +esm Show response
cdn.jsdelivr.net/npm/qrious@4.0.2/ 17 KB
7 KB 275ms
37ms Script
application/javascript 2a04:4e42::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/qrious@4.0.2/+esm

Requested by

Host: www.hello-win.live
URL: https://www.hello-win.live/0.1703050076867143

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6b5f4d073dd8eb180b8200558f0893bd7681f4fb46777d99a80a81b7d7be7573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.hello-win.live/
Origin: https://www.hello-win.live
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 22 Jan 2024 21:21:18 GMT
x-content-type-options: nosniff
content-encoding: br
age: 3351215
x-jsd-version: 4.0.2
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7056
x-served-by: cache-fra-etou8220067-FRA, cache-ewr18161-EWR
x-jsd-version-type: version
etag: W/"459c-vvJLoJeeGg8rnctqJlGAeBfei0k"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
BLOB 200
OK 596e61ee-e72f-4586-b5be-aa4c63fcfe32
https://www.hello-win.live/ 2 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.hello-win.live/596e61ee-e72f-4586-b5be-aa4c63fcfe32
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 074c1063ffb2d461213e96502cf6d2b47a6266ad8e65098e7c43111204271ccb

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Length: 1673
Content-Type: application/javascript

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 43ms
42ms Ping
text/plain 2607:f8b0:4006:817::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-9TH6SBLD1E&gtm=45je41h0v9165816372&_p=1705958477483&gcd=11l1l1l1l1&dma=0&cid=1135425600.1705958478&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1705958477&sct=1&seg=0&dl=https%3A%2F%2Fwww.hello-win.live%2F0.1703050076867143&dt=Hellowin%20Casino%20-%20the%20best%20casino%20in%20philippines%20-%20hellowin%20login&en=scroll&epn.percent_scrolled=90&_et=6&tfd=8137
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9TH6SBLD1E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:817::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.hello-win.live/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Jan 2024 21:21:22 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.hello-win.live
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/9bb9fa14-a465-439a-b77f-c64b877a15e2/3/token	1970-01-21 03:28:38	Name: __lc_cid Value: 3cb984f4-a053-4d0e-81d0-028e62426d4d
.accounts.livechatinc.com/v2/customer/9bb9fa14-a465-439a-b77f-c64b877a15e2/3/token	1970-01-21 03:28:38	Name: __lc_cst Value: c4ed1697786e84c71f762c232828389dbb027c16996841581ca8b54022df274559df3b0d917b23cfeff9a843b95267ef2c6e11041d0601dd11ea8625869b
.accounts.livechatinc.com/licence/g15629673_3/	1970-01-21 03:28:38	Name: __lc_cid Value: 3cb984f4-a053-4d0e-81d0-028e62426d4d
.accounts.livechatinc.com/licence/g15629673_3/	1970-01-21 03:28:38	Name: __lc_cst Value: c4ed1697786e84c71f762c232828389dbb027c16996841581ca8b54022df274559df3b0d917b23cfeff9a843b95267ef2c6e11041d0601dd11ea8625869b
.hello-win.live/	1970-01-21 03:28:38	Name: _ga Value: GA1.1.1135425600.1705958478
.hello-win.live/	1970-01-21 03:28:38	Name: _ga_9TH6SBLD1E Value: GS1.1.1705958477.1.0.1705958477.0.0.0
accounts.livechatinc.com/	1970-01-20 17:52:38	Name: __oauth_redirect_detector Value: counter=1&t=1705958507&tag=6efdf46841ad5826f3fcc7d120a721cf91a09b41

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.livechatinc.com/widget/static/js/iframe.14bbce79.chunk.js(Line 1) Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other	warning	URL: https://cdn.livechatinc.com/tracking.js Message: The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.livechatinc.com
api.livechatinc.com
cdn.jsdelivr.net
cdn.livechatinc.com
cdnjs.cloudflare.com
secure.livechatinc.com
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
www.hello-win.live
23.48.224.134
23.48.224.75
2606:4700:3030::6815:5d05
2606:4700:3034::ac43:c9d9
2606:4700::6811:190e
2607:f8b0:4006:80f::2008
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::200e
2a04:4e42::485
0265fdb3fb4d916a86cdb1f90e30e1f9920933fe955d00351d38cdbf1a671c04
074c1063ffb2d461213e96502cf6d2b47a6266ad8e65098e7c43111204271ccb
08ca846b640e3eed9a1bfc0ca0ea772e98fbd1a5521e2e31da8d7d43f388720d
09ec284902e03eafd6692269a225c7b146f10f94afb50b11c49ff795635065fa
0f5b940e2d692760759771d3accdc190550cf9af1aabf55ec8c7405cac5f8207
25dd4d16d5fd3c4ac796badcce3ec057d92c52255f8d8481570fb54549dac5f7
295daac195845375a8838101f21e21436f0195d89f4912d52b7a5bed202b20ff
2b0b5c66c39bbe4ade93ebb6218e3ebbce3a9d3b4cf8b749300a78f577445ba1
2cea25f3456374b0b3c31f35c6d9b78e638bc26710e8373d9a383ce703c88d4e
2eac29b202a9f065a4da967b86ffc0353ec3c56b76093099c18c56902258c8b1
3142639f70994db6ad9fb83b833bd80299563dc4ae5fbb4579a6f2b6cbaf6f05
3402e803111d16fdca42f3031ac3e050a752abfb866bbd84364590839cdfd197
3718e4e2d63f5ae608970d9263ba151cbf9f8dde248478fd3505c5ecd1a4f14e
38e6fb13cbf6f8d071deb366000f09b1a5e5857ce7539477de679df003748ee7
3948ec08f83c6fd33f666351d4a56dfddc91a431a7bda2ec07eb5fba49aaa282
3c0cfff3899ad54434c7454e4d389e7baeba6ed1062cf72d13c33be356f7f938
412792b7bbe17e9819bdef353db9a1dc811fed37830dbf92253bf5a639203c0b
45fde897a3b2aa4f9c051020dfa53cd7cf25aafa152a68757c1bd474837446ac
4651353cb061bc4c99cd04687a305193ecc7d4842aabf453914a59eab46781f2
4d35f057332ebdba76de554af8e9a2271638de040d152ceb22da780ddba8f32d
4e99b40f0dda604dd968dc35ead909e20ef17c6f9e007cbbd784147527b7d6d2
4fbb03aabc125045ee2d98be69199bcc01b9cb22aa2e438ab7422303622e0f09
541f1eff4faffeb9316e75654dc53d117ce119c1f31aed3d2c5c11ca52b3d868
56282dce88b556f4c7e77f7d7351eb231c8d5698c12241b89740718e21d4da27
58d51b59248c18d27839d3073ffc1d6e5f5077d53edefb17bc375561ee5350d4
6313abd665033b975e8a31a6e00f9e7191e612f880c8227720eb352b63338f67
67a0601a2c693943eaf70205d8bff77b3d7a0b2e411873682c7779a4b6b590db
692f26a453f9fc4cc53bb60c6e6b73600c978bc6406d4c3785b3d28f0f0658a4
6b1882751538bb6b1f01255645871ebd2a04fc619f45be11d6e16579c58f3a8e
6b5f4d073dd8eb180b8200558f0893bd7681f4fb46777d99a80a81b7d7be7573
6ff19b7667d10a375b4c4b0b8e06b39f5a05e315ea322408dd20b07cbeabe16f
7062323b9c3f6fbc07887ff7baaedb379d6836e7bfe70d7747025729598ab49f
707dd7199cd913a0e53621096bd383a21de0a1428a03ce795912955f6f58c5a9
77eb87926cbc4ca21f9da2a1d9290abe1cc08683d401d0e08a7aabd6447b3982
7806638cf6df5d6994d20cd0bd73c1962d984a791a8d31c300eb61768cabbd64
7e496561bf529679aecc8a98caf8451811766fca87ec95e8392969c0bf2c9966
8b8accda417737b92d5c583ef869c9339c25ccf30a95745b619afe2581b4c16a
92d4207ac2f79a9b12eccfd308b93b3f65baf2621b90a14a09d585a4aace4ea9
a994ac291ff03f767815f7cced278e47d026643277428fcff908df771e5805e8
adb1199df40b1e1404ec54a7f2b5f1aed2b20aa0a3048bdfee4e23457959fb43
af4d62d054aeb08e52c310ead34221d79182c1661a38bf9b0b51b9b6ed86fd97
b7760263cba6848749e6cc9376f0d4dfc3485878240848a526ef56ebd804327d
b7cfcb29cfa59d1b222ed9b13139749220004e8c1cca3892328981e88788bc71
babddc0ef39d42de434db62636b5abf9afa0ebe52b90140817cea21a2f19aa8c
c8a2aeacb857b44ef9d506b4626c22b746289845b1ae46eb3e7c4aa4fbfa6cbd
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
d9c06c9d8b27a79773424307c95650e03aa129c2bcf80f39a81aa002450fd6bc
dd9aa3632fcc3098b18888bc203868864fc1379e787f421ee5266d63fabf0ec7
dda9d58348cfe750ea71c9008d4afc57ec51928a254ca20610639ab5b86cf630
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e87b498af31b3820c0417ffe42e44d18d30319d22f9ff0b75b97b3efb96e89
e6302e608e935894e6644a54c841c53ff3bde0e5182110a2f171c94040450214
e81b65d480dc33ef815956230ab23a24fa841c6ffeea72d4d09bfa398f076740
e87e550794322e574a1fda0c1549a3c70dae5a93d9113417a429016838eab8cb

www.hello-win.live Open in urlscan Pro 2606:4700:3030::6815:5d05 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

55 Requests

98 %HTTPS

78 %IPv6

7 Domains

10 Subdomains

9 IPs

1 Countries

3464 kBTransfer

14233 kBSize

7 Cookies

0 Outgoing links

Page URL History

Redirected requests

55 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.hello-win.live Open in urlscan Pro
2606:4700:3030::6815:5d05 Public Scan

Screenshot
Live screenshot

Full Image

55
Requests

98 %
HTTPS

78 %
IPv6

7
Domains

10
Subdomains

9
IPs

1
Countries

3464 kB
Transfer

14233 kB
Size

7
Cookies

55 HTTP transactions
0 data transactions