ori-win.xyz Open in urlscan Pro
2606:4700:3034::ac43:8940 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://ori-resmi.xyz/
Effective URL:
https://ori-win.xyz/
Submission: On December 03 via api (December 3rd 2024, 12:02:13 am UTC) from BE — Scanned from DE

Summary HTTP 227 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 11 IPs in 4 countries across 11 domains to perform 227 HTTP transactions. The main IP is 2606:4700:3034::ac43:8940, located in United States and belongs to CLOUDFLARENET, US. The main domain is ori-win.xyz.
TLS certificate: Issued by WE1 on November 28th 2024. Valid for: 3 months.

This is the only time ori-win.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3031::6815:2f89	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2606:4700:303... 2606:4700:3035::6815:561c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
90	2606:4700:303... 2606:4700:3034::ac43:8940	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:81d::2008	15169 (GOOGLE) (GOOGLE)
5 5	192.0.72.23 192.0.72.23	2635 (AUTOMATTIC) (AUTOMATTIC)
5	192.0.78.13 192.0.78.13	2635 (AUTOMATTIC) (AUTOMATTIC)
77	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	46.105.201.240 46.105.201.240	16276 (OVH OVH SAS) (OVH OVH SAS)
1	149.56.240.31 149.56.240.31	16276 (OVH OVH SAS) (OVH OVH SAS)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
44	2606:4700:10:... 2606:4700:10::ac43:69a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2.16.1.171 2.16.1.171	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
3	2.16.204.97 2.16.204.97	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
1	2.16.204.81 2.16.204.81	20940 (AKAMAI-AS...) (AKAMAI-ASN1 Akamai International B.V.)
227	11

1 2606:4700:3031::6815:2f89 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ori-resmi.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:561c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

link-ori.icu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

90 2606:4700:3034::ac43:8940 (United States)

ASN13335 (CLOUDFLARENET, US)

ori-win.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.72.23 (San Francisco, United States) 5 redirects

ASN2635 (AUTOMATTIC, US)

sohogroupblog.files.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 192.0.78.13 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

sohogroupblog.wordpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

77 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

hiewr.h85cndf2moxnwjz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.105.201.240 (France)

ASN16276 (OVH OVH SAS, FR)

s10.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 149.56.240.31 (Montreal, Canada)

ASN16276 (OVH OVH SAS, FR)
PTR: ns534110.ip-149-56-240.net

s4.histats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

44 2606:4700:10::ac43:69a (United States)

ASN13335 (CLOUDFLARENET, US)

www.aryagames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.1.171 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-1-171.deploy.static.akamaitechnologies.com

cdn.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.livechat-files.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.204.97 (Hamburg, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-204-97.deploy.static.akamaitechnologies.com

api.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.204.81 (Hamburg, Germany)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a2-16-204-81.deploy.static.akamaitechnologies.com

secure.livechatinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	ori-win.xyz ori-win.xyz	964 KB
77	h85cndf2moxnwjz.com hiewr.h85cndf2moxnwjz.com — Cisco Umbrella Rank: 503562	3 MB
44	aryagames.com www.aryagames.com — Cisco Umbrella Rank: 510103	15 KB
10	wordpress.com 5 redirects sohogroupblog.files.wordpress.com sohogroupblog.wordpress.com	4 MB
5	livechatinc.com cdn.livechatinc.com — Cisco Umbrella Rank: 6260 api.livechatinc.com — Cisco Umbrella Rank: 5777 secure.livechatinc.com — Cisco Umbrella Rank: 7202	37 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 3353
2	histats.com s10.histats.com — Cisco Umbrella Rank: 14713 s4.histats.com — Cisco Umbrella Rank: 12589	5 KB
1	livechat-files.com cdn.livechat-files.com — Cisco Umbrella Rank: 28517	8 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	108 KB
1	link-ori.icu 1 redirects link-ori.icu	712 B
1	ori-resmi.xyz 1 redirects ori-resmi.xyz	681 B
227	11

	Domain	Requested by
90	ori-win.xyz	ori-win.xyz
77	hiewr.h85cndf2moxnwjz.com	ori-win.xyz
44	www.aryagames.com	ori-win.xyz
5	sohogroupblog.wordpress.com	ori-win.xyz
5	sohogroupblog.files.wordpress.com	5 redirects
3	api.livechatinc.com	cdn.livechatinc.com
2	region1.google-analytics.com	www.googletagmanager.com
1	cdn.livechat-files.com
1	secure.livechatinc.com	cdn.livechatinc.com
1	cdn.livechatinc.com	ori-win.xyz
1	s4.histats.com	s10.histats.com
1	s10.histats.com	ori-win.xyz
1	www.googletagmanager.com	ori-win.xyz
1	link-ori.icu	1 redirects
1	ori-resmi.xyz	1 redirects
227	15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
wa.me
t.me
urlfree.cc
secure.livechatinc.com
api.whatsapp.com
telegram.me
tinyurl.com

Subject Issuer	Validity	Valid
ori-win.xyz WE1	`2024-11-28` - `2025-02-26`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
h85cndf2moxnwjz.com WE1	`2024-11-05` - `2025-02-03`	3 months	crt.sh
histats.com R11	`2024-10-30` - `2025-01-28`	3 months	crt.sh
aryagames.com WE1	`2024-12-01` - `2025-03-01`	3 months	crt.sh
livechat.com DigiCert TLS RSA SHA256 2020 CA1	`2024-07-10` - `2025-07-10`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://ori-win.xyz/
Frame ID: 3C1DE618B97312AC81078E58A4A60DF3
Requests: 205 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=13163658&group=0&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Frame ID: 149F626A6ABECD0E70F5513F5C8E9E2A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ORIBET : Situs Game Online Gacor Deposit QRIS 1 Detik Langsung Masuk

Page URL History Show full URLs

https://ori-resmi.xyz/ HTTP 301
https://link-ori.icu/ HTTP 301
https://ori-win.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

LiveChat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

cdn\.livechatinc\.com/.*tracking\.js

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

react(?:-with-addons)?[.-]([\d.]*\d)[^/]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

227
Requests

98 %
HTTPS

50 %
IPv6

11
Domains

15
Subdomains

11
IPs

4
Countries

7920 kB
Transfer

9633 kB
Size

14
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/groups/oribetklaimtanparibet

Search URL Search Domain Scan URL

URL: https://wa.me/85599668268

Search URL Search Domain Scan URL

URL: https://t.me/oribetofficial

Search URL Search Domain Scan URL

URL: https://urlfree.cc/rtp_oribet

Search URL Search Domain Scan URL

URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13163658
Title: Chat

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=85599668268
Title: WHATSAPP

Search URL Search Domain Scan URL

URL: https://telegram.me/oribetofficial
Title: TELEGRAM

Search URL Search Domain Scan URL

URL: https://urlfree.cc/oribet
Title: LINK ALTERNATIF

Search URL Search Domain Scan URL

URL: https://tinyurl.com/yvz96utw
Title: APK ORIBET

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://ori-resmi.xyz/ HTTP 301
https://link-ori.icu/ HTTP 301
https://ori-win.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://sohogroupblog.files.wordpress.com/2023/12/51585-multi-media-computer-internet-facebook.gif HTTP 302
https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/51585-multi-media-computer-internet-facebook.gif

Request Chain 2

https://sohogroupblog.files.wordpress.com/2023/12/whatsapp.gif HTTP 302
https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/whatsapp.gif

Request Chain 3

https://sohogroupblog.files.wordpress.com/2023/12/jkbymiu.gif HTTP 302
https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/jkbymiu.gif

Request Chain 4

https://sohogroupblog.files.wordpress.com/2023/12/spin-wheel-ori.gif HTTP 302
https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/spin-wheel-ori.gif

Request Chain 5

https://sohogroupblog.files.wordpress.com/2023/12/rtp-gacor-1.gif HTTP 302
https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/rtp-gacor-1.gif

227 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
ori-win.xyz/
Redirect Chain

https://ori-resmi.xyz/
https://link-ori.icu/
https://ori-win.xyz/

68 KB
15 KB

485ms
428ms

Document
text/html

2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b596f1c31c496c78ba2653dc01065eb76d0c7fda5595f9363e6abe36ce1f6e67

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8ebf4931ebedd3bc-FRA
content-encoding: zstd
content-type: text/html
date: Tue, 03 Dec 2024 00:02:06 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QKzbZ2oc6%2B8jbvdCF20Sw7VL%2FhhgXDxMHfTDCAB0TPu22zRGzV528fWltXT0A3XbRkQ4MQHKEBU7bhaur6%2FYhVGNvpE4ZrWdbNB4UUX%2F3jub7DI5fZypUcbodp4gy1qatxbkp33wE46NJg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=7319&min_rtt=6102&rtt_var=2665&sent=13&recv=12&lost=0&retrans=0&sent_bytes=4194&recv_bytes=4515&delivery_rate=820&cwnd=12000&unsent_bytes=0&cid=79e83cb05850ba1f&ts=439&x=1" cfHdrFlush;dur=0
strict-transport-security: max-age=2592000

Redirect headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=3600
cf-ray: 8ebf49317910db9b-FRA
content-length: 167
content-type: text/html
date: Tue, 03 Dec 2024 00:02:05 GMT
expires: Tue, 03 Dec 2024 01:02:05 GMT
location: https://ori-win.xyz/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority: u=0,i
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nx0jD7%2Fj7Nqb%2BQfOeSY2rz2WNCLmMbcKZsdrSwcWrotuFnZe4zP%2Buox2Cdp9Ziv71WLHpY56CxfwG95VGoCR5DqEjvqBR4RBFrtvFy4dFjRtw0JlZZBockuhfNoU7if7sZjUncZFQaH2KU0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=QUIC&rtt=6076&min_rtt=5991&rtt_var=2307&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4208&recv_bytes=4337&delivery_rate=397247&cwnd=12000&unsent_bytes=0&cid=913b441603975895&ts=49&x=1" cfExtPri cfHdrFlush;dur=0
vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 323 KB
108 KB 73ms
17ms Script
application/javascript 2a00:1450:4001:81d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XSCBCQCVWJ

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

36e72519e4de23f8499afcc777331149f317f500f6bb63f0dc0811770a266d94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Tue, 03 Dec 2024 00:02:06 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 109749
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

51585-multi-media-computer-internet-facebook.gif
sohogroupblog.wordpress.com/wp-content/uploads/2023/12/
Redirect Chain

https://sohogroupblog.files.wordpress.com/2023/12/51585-multi-media-computer-internet-facebook.gif
https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/51585-multi-media-computer-internet-facebook.gif

321 KB
322 KB

102ms
13ms

Image
image/gif

192.0.78.13
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/51585-multi-media-computer-internet-facebook.gif

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Server

192.0.78.13 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

61bed2b3d6f7e7c9422e3ca4161424794870b3514050ee5c38d8df91bbd1f933

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

strict-transport-security: max-age=31536000
expires: Wed, 25 Dec 2024 00:48:51 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 328785
date: Tue, 03 Dec 2024 00:02:06 GMT
x-ac: 1.hhn _dfw HIT
content-type: image/gif
last-modified: Wed, 13 Dec 2023 04:53:00 GMT
server: nginx

Redirect headers

location: https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/51585-multi-media-computer-internet-facebook.gif
x-nc: hhn 23 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 138
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/html
server: nginx

GET
H2

200

whatsapp.gif
sohogroupblog.wordpress.com/wp-content/uploads/2023/12/
Redirect Chain

https://sohogroupblog.files.wordpress.com/2023/12/whatsapp.gif
https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/whatsapp.gif

51 KB
51 KB

102ms
13ms

Image
image/gif

192.0.78.13
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/whatsapp.gif

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Server

192.0.78.13 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1aa3598e3effa3c9be12f72b0b383b47e0b86c5e284a1d8fd204b131af1d9717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

strict-transport-security: max-age=31536000
expires: Thu, 02 Jan 2025 20:34:26 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 52348
date: Tue, 03 Dec 2024 00:02:06 GMT
x-ac: 1.hhn _dfw HIT
content-type: image/gif
last-modified: Wed, 13 Dec 2023 04:53:29 GMT
server: nginx

Redirect headers

location: https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/whatsapp.gif
x-nc: hhn 23 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 138
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/html
server: nginx

GET
H2

200

jkbymiu.gif
sohogroupblog.wordpress.com/wp-content/uploads/2023/12/
Redirect Chain

https://sohogroupblog.files.wordpress.com/2023/12/jkbymiu.gif
https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/jkbymiu.gif

85 KB
85 KB

94ms
7ms

Image
image/gif

192.0.78.13
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/jkbymiu.gif

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Server

192.0.78.13 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5e6edfeb9f53de5c3e3be17b587ebd4b5ea8504fb38ba92be9271c7a6945bb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

strict-transport-security: max-age=31536000
expires: Sat, 28 Dec 2024 04:30:45 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 86633
date: Tue, 03 Dec 2024 00:02:06 GMT
x-ac: 1.hhn _dfw HIT
content-type: image/gif
last-modified: Wed, 13 Dec 2023 04:53:54 GMT
server: nginx

Redirect headers

location: https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/jkbymiu.gif
x-nc: hhn 23 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 138
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/html
server: nginx

GET
H2

200

spin-wheel-ori.gif
sohogroupblog.wordpress.com/wp-content/uploads/2023/12/
Redirect Chain

https://sohogroupblog.files.wordpress.com/2023/12/spin-wheel-ori.gif
https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/spin-wheel-ori.gif

354 KB
355 KB

102ms
14ms

Image
image/gif

192.0.78.13
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/spin-wheel-ori.gif

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Server

192.0.78.13 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0a4df4278901d4e06200be238f3cec721812be9c6ecd7594b3ae6d413f773773

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

strict-transport-security: max-age=31536000
expires: Wed, 25 Dec 2024 21:43:31 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 362532
date: Tue, 03 Dec 2024 00:02:06 GMT
x-ac: 1.hhn _dfw HIT
content-type: image/gif
last-modified: Wed, 13 Dec 2023 05:14:19 GMT
server: nginx

Redirect headers

location: https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/spin-wheel-ori.gif
x-nc: hhn 23 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 138
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/html
server: nginx

GET
H2

200

rtp-gacor-1.gif
sohogroupblog.wordpress.com/wp-content/uploads/2023/12/
Redirect Chain

https://sohogroupblog.files.wordpress.com/2023/12/rtp-gacor-1.gif
https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/rtp-gacor-1.gif

3 MB
3 MB

101ms
13ms

Image
image/gif

192.0.78.13
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/rtp-gacor-1.gif

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Server

192.0.78.13 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

39dff364559118cbce1e41e703a30ba1ce9774dae390d892f6a38c0edf138a97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

strict-transport-security: max-age=31536000
expires: Mon, 30 Dec 2024 16:18:31 GMT
x-orig-src: 01_mogdir
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 3327257
date: Tue, 03 Dec 2024 00:02:06 GMT
x-ac: 1.hhn _dfw HIT
content-type: image/gif
last-modified: Wed, 13 Dec 2023 04:54:27 GMT
server: nginx

Redirect headers

location: https://sohogroupblog.wordpress.com/wp-content/uploads/2023/12/rtp-gacor-1.gif
x-nc: hhn 23 np
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
content-length: 138
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/html
server: nginx

GET
H3 200 01012.css
hiewr.h85cndf2moxnwjz.com/common/templates/v2/styles/ 12 KB
3 KB 713ms
645ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/templates/v2/styles/01012.css
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b311d7f128fc60a7773d710d581f5f8d9352cfaeed74fa14470e492a6e2b6ce5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: REVALIDATED
x-amz-version-id: So9v6lwGgnb7uWmV9lo4T5gVkjc0hJvD
etag: W/"5baa2ca36db7cb0eae5554ebd329cbff"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jqai2SAlcm6DuOpxwqBgPdDlU2Z87%2BYmCutvePZDzh4QaKeTTI%2BJkTgHnMggr9vUzDUdXQE%2BQ5VGCwpFDkjRlejiS%2Bp0kvm1EWwPNRw3Si5spnU9U3WUlowEFLrKsB2NlBNraKatTonZQdj0erD7pi96QXs2w1Qa"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: SmJKGHYke1yCpXPp6GKZzjxl6GmcJHF5tBPP5DYQVEFdEcl6daAOUA==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/css
last-modified: Sat, 16 Dec 2023 07:43:03 GMT
vary: Accept-Encoding
priority: u=0,i=?0
x-amz-id-2: UtwdTQ07qg8tt/nbR3NB41l+FAqOsZYMDP3ttfouIOrhQJh6nie4+/H54uC09hKmGZJhDphYwbo=
server-timing: cfL4;desc="?proto=QUIC&rtt=9194&min_rtt=6636&rtt_var=1280&sent=80&recv=54&lost=0&retrans=0&sent_bytes=75729&recv_bytes=9731&delivery_rate=63871&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=670&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 32db37931b5639dc27ebaba3ad4f3d2c.cloudfront.net (CloudFront)
x-amz-request-id: QCVJATA9BJB5506X
cf-ray: 8ebf49351b6e9143-FRA
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 0000007.css
ori-win.xyz/styles/brands/ 152 B
801 B 34ms
34ms Stylesheet
text/css 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/styles/brands/0000007.css

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99abeb3d8b86c6c104e64951a9eee2331384eba0cf357a9de2c063e15e6361bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1d9841688002c18"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DlSnxvmlYwVCi3NTW2ei%2BeUtq7tSFgFzxzkXa6ZdaEByPHFrsZx%2BlxhPGz8sP7XEouc1IhFpgivVMu2vAYIV9RSm0Y%2FdBIvlIVK5fvshfgc3MMu6HuBwNT5z792lb%2Btqp8YiBoYnQ0tDcQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9209&min_rtt=6102&rtt_var=2395&sent=43&recv=25&lost=0&retrans=0&sent_bytes=16961&recv_bytes=5339&delivery_rate=383799&cwnd=12000&unsent_bytes=0&cid=79e83cb05850ba1f&ts=471&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/css
last-modified: Thu, 11 May 2023 14:40:29 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934aa77d3bc-FRA
server: cloudflare

GET
H3 200 scenes-Award-Award.2b8aae76.chunk.css
ori-win.xyz/static/css/ 3 KB
2 KB 29ms
25ms Stylesheet
text/css 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/css/scenes-Award-Award.2b8aae76.chunk.css

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9df7668c988384b48d0d60f3d7c9fa22c7523b60997510369ddb8bca011eb02

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3286e71"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2Fca0yhPHyI1211IWAPbZbXfRL1v2UthNqZYAksNtj5LPyaDkfv02PnCO5ee1gDWovjsgCV0j%2BCzAxMVaFqQf9Zwv6uXdV2kJK3cMnk4tenpx6KBw07ZSN2hKxBYqm83eZOi9di5%2FK2ejQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9034&min_rtt=6102&rtt_var=2252&sent=55&recv=37&lost=0&retrans=0&sent_bytes=20672&recv_bytes=8045&delivery_rate=325187&cwnd=12000&unsent_bytes=0&cid=79e83cb05850ba1f&ts=486&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934cad0d3bc-FRA
server: cloudflare

GET
H3 200 scenes-Benefit-Benefit.2b8aae76.chunk.css
ori-win.xyz/static/css/ 3 KB
2 KB 30ms
25ms Stylesheet
text/css 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/css/scenes-Benefit-Benefit.2b8aae76.chunk.css

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9df7668c988384b48d0d60f3d7c9fa22c7523b60997510369ddb8bca011eb02

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3286e71"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3%2FRPvJlfxFuwhg4cHKWn7J%2BoOz%2FoAh%2B0YyORPm2ejCtHW18k%2FJg0cj0yZCB8Hj0IitffcWzF4Oyfk5iBrYLsD21vQ1VHKILuZqOu5aFMXiIaltEKK2qwdFhjMmB8eviCm2%2F0rZFEy36NXg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9034&min_rtt=6102&rtt_var=2252&sent=60&recv=38&lost=0&retrans=0&sent_bytes=24421&recv_bytes=8358&delivery_rate=325187&cwnd=12000&unsent_bytes=0&cid=79e83cb05850ba1f&ts=489&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934cadcd3bc-FRA
server: cloudflare

GET
H3 200 AppLink-AppLink.2b8aae76.chunk.css
ori-win.xyz/static/css/ 3 KB
2 KB 29ms
24ms Stylesheet
text/css 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/css/AppLink-AppLink.2b8aae76.chunk.css

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9df7668c988384b48d0d60f3d7c9fa22c7523b60997510369ddb8bca011eb02

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3286e71"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F4ct%2FiarNJAYVP7Q%2BzgoIO1m86ocpzPnPWx7JQUxNpt4Y4cOdfkPlh2fs3BGWv%2BqVfhmRU6E80Mc5aJGKkOygcIouP37g1XXZqm99xOHfP3Ka35ua3ZVHQPxA6Pje7Tsm%2B7UQglO8Cf4pA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9034&min_rtt=6102&rtt_var=2252&sent=58&recv=38&lost=0&retrans=0&sent_bytes=22557&recv_bytes=8358&delivery_rate=325187&cwnd=12000&unsent_bytes=0&cid=79e83cb05850ba1f&ts=489&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934cae9d3bc-FRA
server: cloudflare

GET
H3 200 scenes-Deposit-Deposit.8abf7d79.chunk.css
ori-win.xyz/static/css/ 9 KB
3 KB 30ms
23ms Stylesheet
text/css 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/css/scenes-Deposit-Deposit.8abf7d79.chunk.css

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25ff61a60b8c94e9b6bf71b4783fe15f54d772dcd9789c588d79abc11a75b15d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c32847cb"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rNGU7JUsBT2LPurZqI%2BYiAGBhbozubbgjccvf1kWCrGsSSHNP%2FX0LkdDNAe%2FKyZqveh%2FpTjquqrso34EOd%2FZDbVeBDWwE4uAfEJAowpJ4HnH3btiWL0Dt4nzTD3Kp8GOkjEGw56MOsSD7g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9034&min_rtt=6102&rtt_var=2252&sent=63&recv=39&lost=0&retrans=0&sent_bytes=26311&recv_bytes=8667&delivery_rate=325187&cwnd=12000&unsent_bytes=0&cid=79e83cb05850ba1f&ts=490&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934caefd3bc-FRA
server: cloudflare

GET
H3 200 client.1c7fe4da.chunk.css
ori-win.xyz/static/css/ 66 KB
13 KB 30ms
23ms Stylesheet
text/css 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/css/client.1c7fe4da.chunk.css

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ed8c1182ebad9cfd751a5d57cb56abe8bb11ea8c5aab1f51ce7a929eb09dca

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c8be65"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lwgti6qL0qTENN2sJ6TjM7g9uS0ehIQquGs%2BuwTey5YqtL8SYARZc1Ra4zP4yj%2BeJSMUxR4GpZq79RudIp2aAD3ca0A58gB4qN%2BOmD3idsyUv0Eyl73yoKG2dR6%2B%2B%2Fs18NoymXh%2FEgTazg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9034&min_rtt=6102&rtt_var=2252&sent=66&recv=39&lost=0&retrans=0&sent_bytes=29465&recv_bytes=8667&delivery_rate=325187&cwnd=12000&unsent_bytes=0&cid=79e83cb05850ba1f&ts=490&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/css
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934caf7d3bc-FRA
server: cloudflare

GET
H3 200 runtime.01c604fb.js Show response
ori-win.xyz/static/js/ 12 KB
4 KB 60ms
52ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/runtime.01c604fb.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5d1ba0f05b8ffa85aeb278482c80055742a57507b523459ea52d1b4ddbca536

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb3627c0a"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q79DXWHLHkab1pqRO17tRF8HyuIGMJzPoKqC8dT1CpV0hX4XVklv%2FosTeusuOlZx5uxR9IQRaafMtz8iAR%2FITbSQSUcrayyumXAurFcA8kvYaa%2F9qnDFt81ljJgLjzTjrEhCcBBfz1fjxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934caffd3bc-FRA
server: cloudflare

GET
H3 200 npm.babel.1cf19ce4.chunk.js Show response
ori-win.xyz/static/js/ 9 KB
3 KB 60ms
51ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.babel.1cf19ce4.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9a11e877ed05bfccfec40090e09678da2d25f0e6fc95b9855db213361eebc62

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c992af"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QUtNEnFDNmfohu1ndtobiVe3lCJNzY30BaNuXfTc287C6ZGJuaO3bguxlIWvzPPjGAyjHz6jNUDGlFQCGGV4l%2FkRmfWWiGy1%2F4G1Uqv%2BKPTEUXenv47yCUr48f3zvNGnr0z9eYEEkVZxyA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db04d3bc-FRA
server: cloudflare

GET
H3 200 npm.react-redux.ef1f0d46.chunk.js Show response
ori-win.xyz/static/js/ 3 KB
2 KB 60ms
50ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-redux.ef1f0d46.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0083c6c95c49084f06e7d620057482e32d8598398972fa3816d9adf640ca21ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9bb66"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zsS0kEuRCSq0eLR%2B8n7sdoHlqGxFiRpAHbFvDYP46ctvwTl1EmNvrEHa2IvsRVOAimLJz2qLocehTieBh4%2FKyCNSSpZRSCsTPcfiP3ix6ceETYNcK5x5PBwCIkozyg09FgaVNZU8c%2Bni7g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db09d3bc-FRA
server: cloudflare

GET
H3 200 npm.react-promise-tracker.4fa09e33.chunk.js Show response
ori-win.xyz/static/js/ 9 KB
3 KB 60ms
50ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-promise-tracker.4fa09e33.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f516f19110df3c7f3b187460a87e89adbaa3d1c7fdc37910fa29f26ff5bd4ace

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c99435"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=47l2BRgrnGJyPFoak1p9HrR3LbSxvX0%2B4neDR0CC9IM%2BKSqt4vEPuPUtDGw8EwurzDplza8r1hLxCsiAcHIfuawNmQvWc5HbRKCfy0l%2F%2FFZyEHavZxv4qH0jzoC1oWQs7HzS8E%2Fqh%2Fj0PA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db0cd3bc-FRA
server: cloudflare

GET
H3 200 npm.react-polyglot.332d1b1f.chunk.js Show response
ori-win.xyz/static/js/ 4 KB
2 KB 59ms
47ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-polyglot.332d1b1f.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6616845413c55ce97d7594030133cc49c73eea34c11dffffb3bf2ef827d8629d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c32873cb"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hJL7rRw3Yfgp%2FfsjjPHv8sq9S0HPEL9NONf%2FIrSNJ4T1rDtiiNoje74GXfUUp0RMqkQb6YoJ3hesDQqsug2Rfpiixt0RZ%2BcKSqU8Z8RjmjAjX0PI17YvzjdkwilFiWJLJyOlJh3x13KHw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db11d3bc-FRA
server: cloudflare

GET
H3 200 npm.es-abstract.f1a2daf0.chunk.js Show response
ori-win.xyz/static/js/ 7 KB
3 KB 59ms
46ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.es-abstract.f1a2daf0.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

faae4127bb47cf73f368c5d40f1ea743ecdf7519c2296b7cf12ec70b42faf76b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3287e59"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9nPcU%2BaNIm0QGClTI7xuOFDqMOr25qqMHGOFXEWNKC1QuoaX2onWWedBd59xAhyf8ocylYpAKdn1EyHMzyLl3Rm9R1ehR9UOsoB0C9gfrqCIhgCNb0L5nn9mHZrSnTFnDWZrg0Y6%2FdMe8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db13d3bc-FRA
server: cloudflare

GET
H3 200 npm.react-router.96543ca5.chunk.js Show response
ori-win.xyz/static/js/ 10 KB
5 KB 62ms
49ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-router.96543ca5.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5016a9bc54b4e59bb1c2cefedb72f63345ceb0b03d92b8230032c9ba42a6b2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3284b92"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gZdK52T2XXVE%2BssEuzuvkwYaZEL%2F5dWHyjRanDDUPkmnyi18DMdsOuAVJmbFRDS9inTre2HOZFw6fiSF6vbMSWsb%2BKzqNu13ZdpXaHWFNF%2BBaHksTzr1OHQSz18jSHkdEYS7KxeGfBDFHw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db15d3bc-FRA
server: cloudflare

GET
H3 200 npm.string.prototype.trim.b8b15ade.chunk.js Show response
ori-win.xyz/static/js/ 1 KB
1 KB 60ms
47ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.string.prototype.trim.b8b15ade.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

71271c28cfbe0a4ec260818ffbfddecf4632887d58b9fc09ae734ec694c14188

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb36248ab"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KgT1rR1f7%2B1b%2BZeG8b01CgjGxAnHdrAef7ud8RZjAgbTDVswDAMAghqdYiwNAlv6J%2Fwsg5cVQjMnw0YPYQs5ibqR28Nq1vhcp7MjRHzWEym4tsM9REpNbcIJlTTAK6fwFfVgSyupvVMNSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db16d3bc-FRA
server: cloudflare

GET
H3 200 npm.webpack.a9156631.chunk.js Show response
ori-win.xyz/static/js/ 958 B
1 KB 61ms
48ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.webpack.a9156631.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f97467796fda5320f4f37708a2cd4e472cee519dcd1a78170ca82d10b94becc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3c0f9be"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e7wt%2BfUGGSWxJqLzLWTjyJ73yy83MWG3%2B7jQSY%2BFfJFakeiKJ62xJSvcHP8NC8vus1qtCJWcZ6CjvwQlICA24W91r94ACaIwVVs1SihVCWA658FHkyaurIlHlSKyFsRepy%2FMcg8beiiAbw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db18d3bc-FRA
server: cloudflare

GET
H3 200 npm.object-keys.5dd3ba8c.chunk.js Show response
ori-win.xyz/static/js/ 2 KB
2 KB 61ms
48ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.object-keys.5dd3ba8c.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3d9078907b88c8a9ceb6b75ee3fc64a93dedb114f0c73ea5c31afb644fe1741

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9bf47"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Z9WDjkRuE%2F7yAjkJ61sOasUmVBsDc72Qk%2B8JVP1K7k3Do3pKkMotjBccdrBLNvO5rh9Hq2PhRFnsdUSy2%2Bt8qW5i%2BmK97A1cq6VggjWDi43l5TAnIguiiUChsyWQyrpx6jb1Bjbw3ZW4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db1ad3bc-FRA
server: cloudflare

GET
H3 200 npm.prop-types.21c6102c.chunk.js Show response
ori-win.xyz/static/js/ 889 B
1 KB 61ms
48ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.prop-types.21c6102c.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c84e6c3a1c6b0a22b4b5d0e7ea50adbc15230fa551eea8f2af7a0aaa6bd709e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9b579"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hwGdZ0abIg5o7Ct0b%2FqVimqzQ3QFO3pzuKFwnvIEkg80c1rqnHi5pzAKFdRjA1y4vq5KSR51wwqmNdEXuw%2FFL1iAhSwe3suJ6mAEO%2Bnqghh7pxxq%2BxkPAckG3%2BfNMYywtkacP4UxLFoGzg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db1dd3bc-FRA
server: cloudflare

GET
H3 200 npm.react-global-configuration.670e3c49.chunk.js Show response
ori-win.xyz/static/js/ 5 KB
3 KB 61ms
48ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-global-configuration.670e3c49.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd9630aedfc200af33df73edd9f04c57c5aa43d24c1996bcaf85c6e79f2e2ec3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c32870db"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qz91zG35Gj7dm2%2FxqYkTqz8rkQ4KE%2Fux0PN%2BcjgQZaGORFqIjf6u9WRprJKTsrx1MZp7LeD2HyrjCOvnYi9SuLAfkCiJ%2BI9WeBnkm6BGvMK7norB6DNUhH6WQZ%2BdPW1RddmsmEUX%2BlkkRA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db23d3bc-FRA
server: cloudflare

GET
H3 200 npm.function-bind.ed986a1e.chunk.js Show response
ori-win.xyz/static/js/ 893 B
1 KB 69ms
56ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.function-bind.ed986a1e.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

255df51c64fad60b79af3fdad5cd3bf383b5efa6b7c647eeef9702d170356357

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c32860fd"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HMgi82lsu16bXfqsHHYKL4r4eBzkH4QOxxjM5ONimhjbs70ys0cHCMFeersNLkEsjY4hhua82vOZj%2FJLU839uQnEb8QlMzSIYpj5Nxb6bDoi93dHxP48YBGyaIk7giHA6F2%2BCNqBq5IMog%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db26d3bc-FRA
server: cloudflare

GET
H3 200 npm.has-symbols.d78af159.chunk.js Show response
ori-win.xyz/static/js/ 1 KB
1 KB 70ms
57ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.has-symbols.d78af159.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a44dfe14c831a16b8d5835ee62f4a5afd4f435e09c095af6892c896968bdf29

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3286741"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=te9Rwff33mZ6GvwHrgXHzixos%2BWVrn%2FmFgBScQc2eE7%2F0MPm1rZGF5qbNDfLvouwyla3dfdmPl6yrY1eRpFjyaaRGtpUcCEQ2m9nkxOpcIyqqsKri0CBLmCWYbcN2Jht03vecR%2BsjlIWXg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db27d3bc-FRA
server: cloudflare

GET
H3 200 npm.react-dom.0ba0a0d9.chunk.js Show response
ori-win.xyz/static/js/ 115 KB
38 KB 71ms
58ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-dom.0ba0a0d9.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9cdf2ab86eaefcc9b040830a2ed1f93d5f5ead25fb142dfd7c3fbe209ba342ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c87d49"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fZmZMA9uE9yQqrMGQ88Kph2OF8n3mJ10Z%2B07q9FRjhbAhvwEYMwi7F2H0eId6VXoTKd9mpyog%2FExfz0v7mYHBtESUBRnaW2Xw%2B8q5e%2Ba1vg9CR%2FtyzhFGX2R%2FxI7ZvumUacdeAYndFONvQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db28d3bc-FRA
server: cloudflare

GET
H3 200 npm.react-is.3ea997cf.chunk.js Show response
ori-win.xyz/static/js/ 2 KB
2 KB 85ms
72ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-is.3ea997cf.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14d70f3198f5edf76a86ad92a256dd486dc1fa3754d8c82daccff00cddb4aa16

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3286acd"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IMlOW8%2FB3E3hpf%2BFXZKD9QAo2L5lFSbNpE4YBOvCSARQ8GCIArP%2BRwCnpU4R4fV7LfbM%2BXgK3W3ffX5D9fSQgBqEHMG5xPNkJOysZBNj%2Bkp9UYz6DyvrCfVjiG0kdBd6%2BFWYhcwlA%2FX3KA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db2ad3bc-FRA
server: cloudflare

GET
H3 200 npm.react-router-dom.2600172d.chunk.js Show response
ori-win.xyz/static/js/ 10 KB
4 KB 85ms
72ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-router-dom.2600172d.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d07e18fdf295cc8ccdb84c64356ffb8caebb54d83285e95e7ee59af8228075b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3c0dc6c"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u63WONH1ntCYvvQYIB6%2BjwpZrv4RHSHJjnUYagtEDT5TRILD%2F6XrtZUozbBHilPFRXdsvTKPBLbx%2FoDNV6oO1pBW3QFaUTdn9vz1n%2FI7XSp68wWlgIkLWAgLQfaVALvoMGQcIogVmMtMaA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db2cd3bc-FRA
server: cloudflare

GET
H3 200 npm.react.421486f6.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
3 KB 85ms
73ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react.421486f6.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccc6630c4923243b9dfd34272b6f61827533a3c5c905bf3dac6cb6ba493bf25c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9af31"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CEOxDhJVEsFqVXEMuarY5IyFY9SuNctlOC558cQfue4b9cYUsz2t4z%2BzyLu00nc13kLSJWMJRXkoIUCNckgGLT5GvZP72Qwpy%2FvMbHpZygEvEcIgIhuT35ZEsf%2F7C58veUhZztKjMdERqw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db2fd3bc-FRA
server: cloudflare

GET
H3 200 npm.scheduler.8cf6035e.chunk.js Show response
ori-win.xyz/static/js/ 5 KB
3 KB 85ms
73ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.scheduler.8cf6035e.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5b35698d5f191b55d85cd010c78092c48f6d1a150d5576275ca510876c966ff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb3625e78"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RwLJoTw1Bwi4g9wljwNFq7rqLQnvSCGPNQFa5k%2BbuBSp9yMhnoOhLbHS%2BLKT5ex9K79KueSQ2CONnIuRieHAgSdeHt8RvKSxfFU7ZpQElcGRl57vr1UuMc35G9EL3wq%2B24lkhSR4gQOnNA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db32d3bc-FRA
server: cloudflare

GET
H3 200 npm.symbol-observable.6e22830e.chunk.js Show response
ori-win.xyz/static/js/ 526 B
990 B 85ms
73ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.symbol-observable.6e22830e.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c2bd90034bd6b6fa87653aefbf49541c54d03ebe332636c26ea70ef440dae2fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb3624e8e"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dQ560eRqfCLtGjOj1exqquNf5MSgYTOW2WApOj3Edm2zEetPjgU0lgv6lSS6UeATqdz%2BmjXhKqBbBBCd9V6HM%2F9DTL4jrXL3Ktyqw3EIi89JNaRQ7Jw86j8laiLGGlQoRGSx3YSPLl%2F2sA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db36d3bc-FRA
server: cloudflare

GET
H3 200 npm.loadable.5f820305.chunk.js Show response
ori-win.xyz/static/js/ 5 KB
3 KB 85ms
73ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.loadable.5f820305.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a1eeba10f1b384ec936830cb772cf211747d696176152cccd4a12a485cb1c1d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3287740"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UPhEcGIqnRoqbAJ%2BCVXOEJZTuTzJ51gF5zOVU6qAQTqIRFd6ETGpll1Vnn30UFl%2F2RihhdXPPMa59HFTXtioNC0wgWJ1U9j32FJMbKYIRycgGNU5MA8y%2BpCB%2BFuo3xXHtItpSPnYiriixQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=507&x=1", cfHdrFlush;dur=11
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db37d3bc-FRA
server: cloudflare

GET
H3 200 npm.dayjs.33522293.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
4 KB 77ms
64ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.dayjs.33522293.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2af30b1ff3e3eead97a09c08609e1e573eb131f06c1c43589e27bf85dcfaa693

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3287a87"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NWV80El9djVQ7xmEJFAbLIGp5301erEaBFnfOK7KuW9Q0z8D9j7hrk9OaFOQ%2FYD725AV08sT0e8rm4Bc5HaxJpOgvm2Mg32j%2F612Yjv9sZYnVzmdUMBMb1xJHxPakdLQu0mmIbXR4P6mUw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db38d3bc-FRA
server: cloudflare

GET
H3 200 npm.deep-freeze.506ebbef.chunk.js Show response
ori-win.xyz/static/js/ 330 B
908 B 78ms
65ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.deep-freeze.506ebbef.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb2a1409b88726255c2f669950b82472b1b35ccdc33b2e68fd4c4ab6c65bdf83

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9b74a"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7Nw5bnkqzBj4AfO7EdX1MEPkK0uFUvS6xn2fF%2F%2Bp0xyiD69CItXSjR4pmZ3DJEQMRy3rV3J5VraQgGuGj6y1zopO5T1gQAjtk6BB9exe1ezYZAFYzttBPx1iMwsauWlpWYwd%2Fdf%2Fh68abg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=507&x=1", cfHdrFlush;dur=11
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db39d3bc-FRA
server: cloudflare

GET
H3 200 npm.define-properties.3333b7dd.chunk.js Show response
ori-win.xyz/static/js/ 784 B
1 KB 78ms
66ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.define-properties.3333b7dd.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea0ee535f1efc0dc1b3a4f67ae86691b9037b0cc25d350e7c014554a1c58615c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9b510"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BArOL9nXA77v1HrNlRDc6XvZYX7E8%2F9xfzMSzcvGjkTqc37QzxaBId8QrqYUGukRS2iR2YbAGinSbkREf9F5izkRcc8EMKGPJjD8O5VprntPQtGfyFwXICizne63K8Sm5gm1slSSpAVh6g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db3ad3bc-FRA
server: cloudflare

GET
H3 200 npm.fontfaceobserver.d0358db3.chunk.js Show response
ori-win.xyz/static/js/ 4 KB
2 KB 78ms
66ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.fontfaceobserver.d0358db3.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0991fecd13807552539382af8cc902772d6496f16995d6ccb06f7a5a702bb2c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9a6ce"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4rJNuEx0VnL%2F9%2BON01j%2BOqEkEBiQhvws4MWDFo%2BarolAMp9zejvPYSNK18hxQvd55FEgHbv2%2BSCUvRSXglFSOkaVRzjnl4%2B5RPEsNj0zu07R0Ny8SXrYGyAOvhkWo7UNIig26kgPceoo%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=508&x=1", cfHdrFlush;dur=10
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db3cd3bc-FRA
server: cloudflare

GET
H3 200 npm.for-each.877c2067.chunk.js Show response
ori-win.xyz/static/js/ 695 B
1 KB 79ms
67ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.for-each.877c2067.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

681c648bccc2a4d05bef5f91a75e2407a6cc77930a9120d63efc88316355cf6e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3286137"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tgFyRw91eUl%2BEsRUIENUk8Sy8MHSsPoLUNGROhxE%2BEe78AWpCpB3UygjCQV9Se%2B0p6KoG2fzcZyBVfjpnXPuLbJ6y5bRsyP4DqtrTSCFw1E4wv7vpFEIQGTWPV4z98XS3yWhsIhsT2Quyg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db3dd3bc-FRA
server: cloudflare

GET
H3 200 npm.has.98bdfb4d.chunk.js Show response
ori-win.xyz/static/js/ 204 B
850 B 79ms
67ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.has.98bdfb4d.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a96ecef95e23b0366d5e75fe3d47932f08ef36f409ce68507b806224430db6a4

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c328634c"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MKxCZdcyqYmC%2FhRTYeb260HKKq5v%2FCAPC315MwYUGc5fZOcah5CfftHjdHnAZ9NP%2FmTnZmPqzWY2MiCbZcV%2Bl8bclz1vsRkT5QaTo1L8IfvEWYvp6RLHnmUY5IXWIr3Orrxnfr%2B8JnbMVg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=507&x=1", cfHdrFlush;dur=11
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db40d3bc-FRA
server: cloudflare

GET
H3 200 npm.hoist-non-react-statics.be1c5d54.chunk.js Show response
ori-win.xyz/static/js/ 1 KB
1 KB 79ms
67ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.hoist-non-react-statics.be1c5d54.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a03ba53781c3f8679beec49211b83c3c6b0ef258465d4ad7c984d87861f072e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9b239"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RuInb3%2FEE26H5o0ci0XYEdfE97APXRg%2BH4rzAtXI9LzrWW4uHYR9AIHI1mxd5AMeLqWyillHgfPPyT0eAWhT5j8pogKrPAAW13zduUCCmRRS3KDJ%2B00J1tfSjbW%2B2xCxX9kfac7KP%2BCjQw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=507&x=1", cfHdrFlush;dur=11
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db41d3bc-FRA
server: cloudflare

GET
H3 200 npm.is-callable.31b51388.chunk.js Show response
ori-win.xyz/static/js/ 1 KB
1 KB 78ms
67ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.is-callable.31b51388.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

696e8f5e4a64889469b9b1f259c08502e1b376aea17246b08691f5062177386b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c32867b8"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=taWw%2BW8OsbEflofEXGYKzu%2FSjxwYT1uJRL%2BVnfVgEeKV4Fl3Dnx1%2BXDjSYubOEjC9TuixjsaqtiYFmiE4Z0iP%2F%2FOGR2MrMb%2B20S34V2fqMQU8UTIhR%2BsR4sXb0H%2BMtmbR4rTvxb36aMYxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=506&x=1", cfHdrFlush;dur=12
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db42d3bc-FRA
server: cloudflare

GET
H3 200 npm.mini-create-react-context.b1a9a770.chunk.js Show response
ori-win.xyz/static/js/ 2 KB
2 KB 78ms
67ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.mini-create-react-context.b1a9a770.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dea921fc41e7fffe9f096788648851660c740a41b9b6e60f66b816e476f7646d

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3286bc5"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKQkHatllIkxRizrT8WjZY82b%2B8GviVpDmBd5WOCrCWnrYCnPsuoZKmMFdJs%2BG1Kh%2FgkwgXannkEOcHTxOOZzzm7GEAWUJyF2RwbnBHpOlcHFodTHnfenwsn7HViiX8bS1f%2Bur7qw%2FCi9g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=507&x=1", cfHdrFlush;dur=11
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db43d3bc-FRA
server: cloudflare

GET
H3 200 npm.node-polyglot.bdd83042.chunk.js Show response
ori-win.xyz/static/js/ 3 KB
2 KB 79ms
68ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.node-polyglot.bdd83042.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd8969d3eb42b331bbfe76f22ec6673b0c176c357f90cc9b88ea0b839677fd28

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3286e60"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tgDZeFMLbSCyATcL66dz%2BsqEvdyGSr9rkjiVwld8tUgv3kgUzl0VO1122Yc%2BftuMvdxv%2B0827yiqsBAt0rLidFPSyisFuvsiIJc5CpsBW0jl1bT1VLpD7MXrunR3OSuZA%2FCqhLNdezMFsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=507&x=1", cfHdrFlush;dur=11
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db44d3bc-FRA
server: cloudflare

GET
H3 200 npm.object-assign.1512d06d.chunk.js Show response
ori-win.xyz/static/js/ 1 KB
1 KB 80ms
69ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.object-assign.1512d06d.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34b048ef8224ea0c369e72bad77578c9f0543cfb03266ae85898c48925aa0eee

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9b271"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ea02ceVZ2YyBkXJA0YClPGvG5PQLMNI2ej3cZPiEot07nnI6RKBXDwE21Vv0NZzfKfuvHm%2FKnQjWN4%2BliiIpynHF5t0nLHgIE99A6jPdAyINvCr%2FuqICDd%2FSi%2FqE8S1Rv%2FTHbBcHYhQY2A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=507&x=1", cfHdrFlush;dur=11
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db45d3bc-FRA
server: cloudflare

GET
H3 200 npm.react-device-detect.3bcf6a70.chunk.js Show response
ori-win.xyz/static/js/ 15 KB
5 KB 80ms
69ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-device-detect.3bcf6a70.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf23f7dd305f9c01b9f63d4ee74398ba30d76cba1bf5b7f9cfbc3b5cebfd51aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c98dba"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fFsQndGOxfX3BZOxTvVjRASXZyv3x3vmCmZqAD03clk%2B2OHSzO30U%2FaA6p5BemGrQBLF1F3DfyAgbgfoX4hoXEO8sLNOf4N8VqVGOW3YK5RMHtQn1GhMXj1Et3icBRK1HxoBnliGEwSPxA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=508&x=1", cfHdrFlush;dur=10
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db46d3bc-FRA
server: cloudflare

GET
H3 200 npm.react-number-format.50c802e1.chunk.js Show response
ori-win.xyz/static/js/ 16 KB
7 KB 80ms
69ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-number-format.50c802e1.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44800009fb1c29e8b59853d73d939d8b2969a1f1676274b2275ebc4777c8f0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c988f9"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tuLnQXOXpeyxR98XIw6XN%2B%2FEa9em0iygclrzVRaVemfTO5PFOy6J0EtPKBkubl8cB4vhcGDDlyg5O1VEQGb30FLtNGISlOdLej%2B%2F0BuW1Y1NoOAaYmyEzVVsM1LMHH%2BaeFn9OPRoZn23Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=509&x=1", cfHdrFlush;dur=9
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db47d3bc-FRA
server: cloudflare

GET
H3 200 npm.redux-logger.b3c82790.chunk.js Show response
ori-win.xyz/static/js/ 10 KB
4 KB 80ms
69ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.redux-logger.b3c82790.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ad57206f8aa83dca703e98a0b3162411ec9eeb958131a4c066474826c4690c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3c0d2d7"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YWyZaNIuFZAoe%2BbZXTdWPe5qYQhHUHIgySG6I5AqsAIq5Pp1Gvwed76RaMJKYTOxebN%2B%2FD7aTSci6wX%2B%2BwA5NKBqUgj8%2FG0ynUYhr2IS4%2BvndyuhYkmVwaTw3bfZRME0o0jiSoBe6pWe8w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=511&x=1", cfHdrFlush;dur=7
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db4ad3bc-FRA
server: cloudflare

GET
H3 200 npm.redux-thunk.381a65dc.chunk.js Show response
ori-win.xyz/static/js/ 309 B
890 B 80ms
69ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.redux-thunk.381a65dc.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d65a2bc2aeac2652c416ec5d8ff74f1b69482302958c512182d430a95797d264

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3c0fb35"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wd0nwIwcIH%2BwRnWVrQbh6Ss8l6TYY0o%2Fpc1l2zLo4UOsQ%2BLWHGznrBMjXWTXbPYM63ZjMJv3KD0yrCdSWXdgEvT%2FGjFtUq2wlyJ9mM6t4kRTpi8nX7CZlrpWr%2F9sZxFeWlA6jwCBZgQ4yg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=507&x=1", cfHdrFlush;dur=11
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db4bd3bc-FRA
server: cloudflare

GET
H3 200 npm.redux.e6f7cbe0.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
3 KB 80ms
69ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.redux.e6f7cbe0.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8701fd8c6a477d349d95cde44050768bf55eaedfadde6841d40411846a58359a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9af93"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t%2B8UPWPl3o5AQymJxxuD25PVVnONhIFYnv4vg7yTchhX6Zduuvv6wU6GYspMBo9iQGMDxj1Jqd70Tc%2FFqQsNOqoqgF%2B9S3TSjvY90lDGikDIe4WiX0%2FOcm2KFTJnRjFNGoPDhsfJvFC%2FoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=508&x=1", cfHdrFlush;dur=10
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db4dd3bc-FRA
server: cloudflare

GET
H3 200 npm.regenerator-runtime.f6718e2f.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
3 KB 81ms
70ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.regenerator-runtime.f6718e2f.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

138e16e5f90b6ae4fb9ab0d4f313c46296d52f9929e3d8a3eeedc277f001c04a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb36255a9"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jXfUEWDZK%2BMFC0NiAulZ6JtOsIliLi4BxQ4%2B55nDFCXjTaCR%2BmNmFk4QDkzMQw%2FqEx3bLw2pu5LEqqV3CV%2B9qdGlk7sfnAhhj0%2FgjP%2FrSnj3Wj5Et5Fh5uXw5kz7PpQLzj6oJN9Qk08nxw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=507&x=1", cfHdrFlush;dur=11
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db4fd3bc-FRA
server: cloudflare

GET
H3 200 npm.resolve-pathname.3d81a03e.chunk.js Show response
ori-win.xyz/static/js/ 728 B
1 KB 91ms
80ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.resolve-pathname.3d81a03e.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d5003d856d36762de392e349596f6a418fe621dc9bc261a9b2239fa8c1166cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3c0f8d8"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VcUDDuPNVUK%2BHvn7y8X0ssK%2FNxf8E6Rnr4BMPM6SnB99sY9rpYO4XeFimY9LYlllgHsLTn1qkfOuZhpXW1E6Idp4r0cVEUQL6E2olECRbo4j2iK0NZjQBvZsJKdO6Xm3pBg%2F%2BYWLAtSG2w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=508&x=1", cfHdrFlush;dur=10
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db51d3bc-FRA
server: cloudflare

GET
H3 200 npm.tiny-invariant.53a339a4.chunk.js Show response
ori-win.xyz/static/js/ 188 B
840 B 92ms
82ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.tiny-invariant.53a339a4.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

59811a4c1b47f1ad7212a4883814f6808419592d56f76f8ee69131ef591ab3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3c0fabc"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D2Q1XoZ1QpmkZhkxmELgs8NqBkFVlLhK2CnJUDFP7f8M3hGadjTqq5Qk8dBEGmfu%2F1uTZ%2FeKStUMj6ZUly3RPVPAazZ%2BOg4fl3Jk7TlJn%2BDXdpxAyCo9Nx%2FapZxEgM%2FVzabNzKk%2FNRfZTg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=509&x=1", cfHdrFlush;dur=9
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:04 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db53d3bc-FRA
server: cloudflare

GET
H3 200 npm.ua-parser-js.5e42daa8.chunk.js Show response
ori-win.xyz/static/js/ 16 KB
8 KB 94ms
83ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.ua-parser-js.5e42daa8.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5643a908eb92d1b684116ab41d4abc4afe22be3b667118568772d290bdf98393

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb362728e"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zNcQlHfc4J6Ip7EIjIu1L9PUzGs7duoboZLch6V9gW3CQuJE1V1wim5Z6KdL92ak%2BASsHgAhCrHvhfpDy55wlt%2B%2BJgNo5Xs4vvJrlCJ3kDslK0dFVU%2FuHEVRrLqD%2BL7WwMd53rSvM7gNMw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=508&x=1", cfHdrFlush;dur=10
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db54d3bc-FRA
server: cloudflare

GET
H3 200 npm.value-equal.ae91a201.chunk.js Show response
ori-win.xyz/static/js/ 554 B
1009 B 96ms
85ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.value-equal.ae91a201.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ffe4a7802db8a5d6dbabf428399dab6047ed94e57c12efae70603f40682a12e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb3624eaa"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3Bb4iQZPbY34jzwUxJYyYrpevsHAeKm8AqIm2xDwuz%2BjmyXdARF87J%2FuOVm5kLp863IMGMLqgZehEs7bdxrcoTQG56wnFBQSyYd1dPrtpn9SzBnR6pjdAY18a%2B5ztH3qQjMX0QRJwSBzcg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=509&x=1", cfHdrFlush;dur=21
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db55d3bc-FRA
server: cloudflare

GET
H3 200 npm.warning.56475a6f.chunk.js Show response
ori-win.xyz/static/js/ 158 B
807 B 96ms
85ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.warning.56475a6f.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a20f2e3e22472e04cf7de1ae0a46035834b606c0d47370448eaafc65678a020

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb3624c1e"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DjJA8zJJcbYYPZt1fqMYev07tvsVVGPza0elitX9E5F4K1YPFMDd3Nd5JZu2nKYgn2wwmgkI%2FUrpvCPlxWvmSt23o%2B2%2F0kNUXmdM8hDv2QFyS58xtGOfmhplusUsRaI5A4gXyK67adedXg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=512&x=1", cfHdrFlush;dur=18
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:21 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db57d3bc-FRA
server: cloudflare

GET
H3 200 client.3bf36311.chunk.js Show response
ori-win.xyz/static/js/ 277 KB
34 KB 96ms
86ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/client.3bf36311.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5e1f39b07081f848e2019192a4ed627178fdb5b4712718f3a9d6f983408c027

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2cde4c6"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KEFQxSq2QAkUBV9uOIzppcoMJ2SFGCTA5R0OBRLBW7zGkqUZcRIp71g67QCA2IReM0wEX2b%2FErFKi0TT8X66Ezn0oRfGu98yowV5Wwacr6ocQzUI29gdWHYbKLABCcMJ8Q1o9MowRGGBCg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=509&x=1", cfHdrFlush;dur=21
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db5ad3bc-FRA
server: cloudflare

GET
H3 200 npm.react-transition-group.54ccee0c.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
3 KB 98ms
88ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-transition-group.54ccee0c.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00e503e2f77a11f33b7c41b52e6ed754098f286570c091db5a6651ba8db074a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3287a90"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B0xlLGtGnKFkuNth7ObrBUnqPuSubt%2FfDzw03ZABi1J42VDGj%2FwwpPIt8xE%2BdbijfZd76D2nPhlQEWXvM2Ruc036LtNjTaQuBehrcuXXKjK6xS0EVi%2FYM8dnLMSaCKr9a8GyCfqbTTelkA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=513&x=1", cfHdrFlush;dur=17
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db5bd3bc-FRA
server: cloudflare

GET
H3 200 npm.dom-helpers.0fe34874.chunk.js Show response
ori-win.xyz/static/js/ 843 B
1 KB 83ms
73ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.dom-helpers.0fe34874.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f48e063a60f9223b9e7e17613f359043c452d28ddd48a4b18cbe75733afb4b29

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9b54b"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=prhtKOi7WnJcpxvhvxEAcZEIXKcAxvIQJ7eo%2BRyDFX78a2fH8Qk%2BjyJ%2BKb6loZ3s48ZK7XKwRly9NqF1szbg%2FvphEYByKKWDfUrHwyM%2BazZ3%2FJZlsNZB0jCSvZA%2BsjtC1kYczEJ5PR1zOA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=510&x=1", cfHdrFlush;dur=20
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db5cd3bc-FRA
server: cloudflare

GET
H3 200 npm.decode-uri-component.bdb7c603.chunk.js Show response
ori-win.xyz/static/js/ 1 KB
1 KB 83ms
74ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.decode-uri-component.bdb7c603.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd5d6678aff239cd05c4333619adc96016fd27c038f64b2182fddab3d8f114ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3286786"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TKt7Et%2BT2SdOc5P3trMfmCLagmkJbF%2BU7270OFzakhdk2pG3UFwIhTnYeGT%2BtoH66voVBU9%2Bzs8IUVWcJetYK4gHfZWrmIscHXsGpbocpn3dWoPWt%2FsJyxepNajbB5PMGQgAgS0wgWi7zQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=511&x=1", cfHdrFlush;dur=19
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db5ed3bc-FRA
server: cloudflare

GET
H3 200 scenes-RedirectPage-RedirectPage.4e3d0857.chunk.js Show response
ori-win.xyz/static/js/ 42 KB
11 KB 85ms
75ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/scenes-RedirectPage-RedirectPage.4e3d0857.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22a0f8c0c0f566641793329c2fee495d2b86f776080a452c8dcd83215242362b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c91f31"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cfa5eRaC1eIBBQOozzLUqz0Jv1MIwGpg4xGDltndFx3e9W4Qqh3c%2FPow9bzIsE5niRd4n84a4jw7g1Ljqa%2B1nUV7wD%2FbOT1fPoJ1Mx1NdND2lM9s7tJQsj5d6GF8kW32rBmVb07wZYlqUg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=514&x=1", cfHdrFlush;dur=16
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db60d3bc-FRA
server: cloudflare

GET
H3 200 npm.query-string.a187f683.chunk.js Show response
ori-win.xyz/static/js/ 4 KB
2 KB 86ms
76ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.query-string.a187f683.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dbe2b284d004069cb03afa70a0856d7247972cdc7d2cbaba3ee779f0bc8f776c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9b9f6"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TJ7Kk6ahRMNOIkG%2F%2Bq6bloJLmuEIfK4uRwyDKhhfOMn9lienb1mk0E86iLDBMTx%2BQIPM6lTErk9na7wzcVUhcoBaONxACezfa9%2F3gSEnmQo0K%2BOts0YlvlJ%2B0ZwHWchB6AobX9lIp%2FrMGg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=514&x=1", cfHdrFlush;dur=16
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db61d3bc-FRA
server: cloudflare

GET
H3 200 npm.split-on-first.f88ca38c.chunk.js Show response
ori-win.xyz/static/js/ 350 B
940 B 86ms
76ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.split-on-first.f88ca38c.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

917010e5a384075efe1d65a3fe874eeaf78d76edd9b774354deb9278c31b2402

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c32862de"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WBWrsfHQSzPfcXJ1sPY3HMttXRgx03d2QTSazzB65ZUQSzl60Ft3IR372Y1p5Iod8ImkygnTeS4P5CrK4PdHER3jXTZNgmLKL5zRODJQfT4r5cTX%2FeJxk08cebr6gE%2BifWDxpgKPyUjRXA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=510&x=1", cfHdrFlush;dur=20
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db62d3bc-FRA
server: cloudflare

GET
H3 200 npm.strict-uri-encode.01c2c540.chunk.js Show response
ori-win.xyz/static/js/ 229 B
865 B 86ms
76ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.strict-uri-encode.01c2c540.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e5edcd24ccfc683f6935ab1d2e400585c1e15408321e41eb56f3833e56f207c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3286365"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I2YfbFkNskIk7P8SKc53xL1HSs4DFuRngqDhjcZpOzY7peKEbejjYO69Kp41H88Fi90Ckg0ZANu2POKAONmLNDKavev4HHl1qQloz3zPtd4oqR4Kdm5skSjzZelfxbNlJ1NZApHRUuPYYw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=511&x=1", cfHdrFlush;dur=19
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db63d3bc-FRA
server: cloudflare

GET
H3 200 components-Header-Header.88a7e7fc.chunk.js Show response
ori-win.xyz/static/js/ 3 KB
2 KB 87ms
77ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/components-Header-Header.88a7e7fc.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

39ef149702216bc74c0ecdbd060d9cd94f5e9a87a0f84ed6c19cb1065ac544fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9bc4c"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pC53sVZoD2O%2FuWQpTu5KSCPN%2FTqrJcu%2BekpFy6m%2BbopVzF6Sp%2FjHUjYOzCHIoZQg7dhk9Y7Bvz5EQQ5da%2FumDEIAX0J6FcqVJKz0psE%2BXiAyM6TzePy2GMSQETO72LBvx0kaGt2xyyql%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=512&x=1", cfHdrFlush;dur=18
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db64d3bc-FRA
server: cloudflare

GET
H3 200 npm.react-lazyload.622428dd.chunk.js Show response
ori-win.xyz/static/js/ 7 KB
3 KB 87ms
78ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-lazyload.622428dd.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

11916306f8becddb6127697b45961a4736791db5ac8c3a668ccf7349f6d4e90a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9abea"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BUy4jyzOoTdqIAhc5T%2BXlah0D%2FXQFp0tQYaczABi8%2FfssybHMUVLmPcq4u8BnKKemxctLUie3zm56BA%2BMq3y3XeDm%2BHVExYCzxtWKGpnPrjg8RgL2T06WdIjOhnL6Rr9KHkEmO%2BvdaIHTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=512&x=1", cfHdrFlush;dur=18
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db65d3bc-FRA
server: cloudflare

GET
H3 200 scenes-Deposit-Deposit.cdd8b714.chunk.js Show response
ori-win.xyz/static/js/ 664 KB
141 KB 88ms
79ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/scenes-Deposit-Deposit.cdd8b714.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3098c0ab9b5725056159402227098464203155f347c72b5dbaa3410957fabe0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3223ded"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=k%2FbL4DS9cOA2nB4RXEkNoRkEth5ALAoURHCdvznFk4WcQiG3%2FYiLraGiBEZlemc1F0jJZ7Qy95IT6XqrQHHnfrEzRF9b6T5FeDeWCWq3FJRGmFh%2FLdnnW%2FR6Qt4lKUuT%2FRbPZw%2FQSijC9g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=512&x=1", cfHdrFlush;dur=18
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db66d3bc-FRA
server: cloudflare

GET
H3 200 SlotLink-SlotLink.c5086c4a.chunk.js Show response
ori-win.xyz/static/js/ 9 KB
3 KB 120ms
111ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/SlotLink-SlotLink.c5086c4a.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d3aef05f8badb802b9c0271030508e3d320da3186a1bad7b1ec866d45954acd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3284023"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1DAvOGfPBvJVD%2B38uPzZ7iAKtZUnISjxptUnTqIo7%2BFW%2F7JSTz9PdaNE5IhhfJCr0Qe%2BUcxR0fwoN1wR1pFiO2avXt8dwWpj0MBhEMJDE7it00k29G1%2BTu02Ur7WM30fEaF0y2n%2B7tlzXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=512&x=1", cfHdrFlush;dur=18
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db67d3bc-FRA
server: cloudflare

GET
H3 200 LiveLink-LiveLink.acfba760.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
3 KB 120ms
111ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/LiveLink-LiveLink.acfba760.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5af69df4d101993816907149c7bdeadf8fc41ba166d2523a3df26bce131d9544

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3287a8f"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7ZMrrEEUqUARXrk7oWwmkLqvIIy907vCUtnwkgTYjpIYkenFn0FuryLsYYFYfn39kUddp8s8m2ALgwaJqe4gy92JJJJVDcF7ONIOwd6ELXrJXLbd0b143zyc00OkNove%2B6qIQNkb5yMSnA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=512&x=1", cfHdrFlush;dur=18
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db68d3bc-FRA
server: cloudflare

GET
H3 200 SportsbookLink-SportsbookLink.50ed3883.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
3 KB 120ms
111ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/SportsbookLink-SportsbookLink.50ed3883.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b16fa618e93e024f3aa25b078d7872fff62fff8d55b467975367a1b05b01c9ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3287a98"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C1pKpzTMZVQa44nRnTpsnHaTqSPd5N7%2FXRHKjd23oxwBFcvXCuN%2FCVcSOSOqJz%2BdQIUbGlqHj2sDKeK7VO0fCoBMgHPNB6jRqP%2F1yc%2FhzR9tW76dvNUxFcnguhG4HNFE6Nb%2FSEV0e2%2Bb5g%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=512&x=1", cfHdrFlush;dur=18
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db69d3bc-FRA
server: cloudflare

GET
H3 200 FishLink-FishLink.098b7820.chunk.js Show response
ori-win.xyz/static/js/ 5 KB
3 KB 120ms
111ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/FishLink-FishLink.098b7820.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bb64a5c8df4bf52df1cce0316c90ffe13e89451267def9f063af196638dc5a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9a5da"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fIR0Wbba%2FjtLTRTkQGefOMKSbBHLht2yT6bdQUp8qt0rYgPpz3QlVdQc4aUvNszBCcnvHACSnH66uzBhPeQiH7YTEJeWA5Tfuz%2BPM7zRN%2FDHgyjaCoBiDT00vglNVpv3cdekOraTMnzVnA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=511&x=1", cfHdrFlush;dur=19
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db6bd3bc-FRA
server: cloudflare

GET
H3 200 TogelLink-TogelLink.c21e3b8c.chunk.js Show response
ori-win.xyz/static/js/ 5 KB
3 KB 122ms
113ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/TogelLink-TogelLink.c21e3b8c.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e4a71190fa65ad477a6199a74e61965f56933ed34a665c9d3cb9b03e4c0e50fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c328767f"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ue57dWTQWDQRNrJ0XZ5P1dtFC3IND3Wuadl2A31rouwWL01WWgK0ailQlVGPSwvIvWaFa4AkG%2B6DixVW8IWeGpGvwL2xwpms0A29pP61mkXt207SnaqEjuFl2BuTCx3ZcJc5EccmKUu2hw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12683&min_rtt=6102&rtt_var=5554&sent=80&recv=95&lost=0&retrans=0&sent_bytes=43134&recv_bytes=25528&delivery_rate=329256&cwnd=16800&unsent_bytes=0&cid=79e83cb05850ba1f&ts=512&x=1", cfHdrFlush;dur=18
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4934db6dd3bc-FRA
server: cloudflare

GET
H3 200 BinaryLink-BinaryLink.fcb96609.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
3 KB 123ms
114ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/BinaryLink-BinaryLink.fcb96609.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

73aafa0154205437f17a6e71d38bd7e4738c21ff5032f8e66f857bdaab1f07a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9a029"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6t22rwsqiQqQ0d5f3QWRAP3WCVBnxxUEd3yMoG6UQbtF53mdq6yD59DRyb5vP25GkK5629KLLmRUa6svob7E4kMrCA4%2FqkLUvNMh8CR%2FpscIUoAyVtrb3YZoZlP1pYk7Vw1c2J86nTTKdg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9561&min_rtt=6102&rtt_var=1179&sent=337&recv=129&lost=0&retrans=0&sent_bytes=320568&recv_bytes=32541&delivery_rate=7582569&cwnd=135300&unsent_bytes=0&cid=79e83cb05850ba1f&ts=551&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c07d3bc-FRA
server: cloudflare

GET
H3 200 BenefitLink-BenefitLink.fadcff48.chunk.js Show response
ori-win.xyz/static/js/ 7 KB
2 KB 124ms
115ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/BenefitLink-BenefitLink.fadcff48.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

18ccaceaf76a9575d644290053bc745638e239b304f504aa7a57904fc50d6d7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3287981"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UFZWaucwcNWw8iJQMc2%2FkXzHbq6B9s07otEmSLpiEU4mJ4iEPIjyc3FyO8TxDj1b9wym9K7fEiYpHZvNEHJ%2F5h53hWkh36kZZgtNMtyoiVfnobCBCyNBgLqRdApcc2IpmQks4LEBcEx%2Fkw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9700&min_rtt=6102&rtt_var=564&sent=391&recv=133&lost=0&retrans=0&sent_bytes=385003&recv_bytes=32721&delivery_rate=9045310&cwnd=161700&unsent_bytes=0&cid=79e83cb05850ba1f&ts=554&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c08d3bc-FRA
server: cloudflare

GET
H3 200 npm.react-slick.5e620907.chunk.js Show response
ori-win.xyz/static/js/ 29 KB
8 KB 124ms
115ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-slick.5e620907.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b18387eb855250db07f02fb6db90e2902d9ea0d048463c9e87b025bbe569856

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9c3b4"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JSGl5JbL8fpzWdGPAVbFl0Qa3A58x8QCYeUJAiXeI39yenLLTNNH9l%2BwlsnJCZUM34QBw1cnWHfU1MPsXdblginoRVidPbqn6w6QktevTFSu5q%2B2DTilG24V2%2FLfmynkqxDWZjkErmlPsA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9561&min_rtt=6102&rtt_var=1179&sent=337&recv=129&lost=0&retrans=0&sent_bytes=320568&recv_bytes=32541&delivery_rate=7582569&cwnd=135300&unsent_bytes=0&cid=79e83cb05850ba1f&ts=552&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c0ad3bc-FRA
server: cloudflare

GET
H3 200 npm.qr.js.e7d26c15.chunk.js Show response
ori-win.xyz/static/js/ 13 KB
5 KB 120ms
111ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.qr.js.e7d26c15.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01b4e7a8f9ee4d3ed9081b86221aecd2534d99d692339f38843ff0ca7cc654a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c98371"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QiihvnLiMWqwjNSIMEmgT9p0IcuZVbPHcdPGq08orQYc%2FzPsXsxBBmpJ0raGoLShM8f9VMnZBCFEUEEiWFdMY1qNN5Ple8ZJAAWLRIRD5KTKq3SCMlkmnUMhWiOLY%2BKv7PBkEtHw6v6l7w%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9561&min_rtt=6102&rtt_var=1179&sent=337&recv=129&lost=0&retrans=0&sent_bytes=320568&recv_bytes=32541&delivery_rate=7582569&cwnd=135300&unsent_bytes=0&cid=79e83cb05850ba1f&ts=551&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c0bd3bc-FRA
server: cloudflare

GET
H3 200 npm.react-icons.2960b6fa.chunk.js Show response
ori-win.xyz/static/js/ 13 KB
5 KB 121ms
111ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-icons.2960b6fa.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5108eca87fa490d07ad70c4ee9413ccce8dcc564e6a2863f403fa833a01cbefc

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c32850d5"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1k4wtQdISR6aXMIpUVCjGNWqwOTg%2FopAfEJ%2BvNiNKdlKIc%2ByAQJEhVjppmZrQl9i8GixAwtMX11MzAtH6pQA%2FBosDwrSuKhARgbEjCrUACy1ZhyBP%2BJO2k9kjspXBK9CMSRGCYShBGOSIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9561&min_rtt=6102&rtt_var=1179&sent=337&recv=129&lost=0&retrans=0&sent_bytes=320568&recv_bytes=32541&delivery_rate=7582569&cwnd=135300&unsent_bytes=0&cid=79e83cb05850ba1f&ts=552&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c0cd3bc-FRA
server: cloudflare

GET
H3 200 AppLink-AppLink.202755f3.chunk.js Show response
ori-win.xyz/static/js/ 82 KB
17 KB 121ms
112ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/AppLink-AppLink.202755f3.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6840e95190c6062f4a77ff0d889275372da01bad41eed0d97e0390ef9e14c36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c8fe7b"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nBMDatfnvd2wCYgEocMj9masZo2RBaay1x8CcJBT9zCDZ0BBVwh6qgsSyIizfoX2NFN7j3xlUTOffukYyJtjR3hNozMNlWER7NQGAt3sWQrwTsOb4QDkYDKliLCbplDdDoK0qqgGq7WTPA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9700&min_rtt=6102&rtt_var=564&sent=387&recv=133&lost=0&retrans=0&sent_bytes=380568&recv_bytes=32721&delivery_rate=9045310&cwnd=161700&unsent_bytes=0&cid=79e83cb05850ba1f&ts=553&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c0fd3bc-FRA
server: cloudflare

GET
H3 200 components-Alert-Alert.7b3dda87.chunk.js Show response
ori-win.xyz/static/js/ 37 KB
11 KB 126ms
117ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/components-Alert-Alert.7b3dda87.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15a990f5bd1fd37ec7f1fb86d62bcdf39cdebebd6870bfcd8fd7000174ec1d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c923bd"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fKH52P8fMO19hQnvprTzZ3OXK3NYbIq8l5JTeYGpJ2NHJ66NwolrXUcaqhW7GdnE0Dcr9w%2BRz1GvPo2nkj42JODdUQm%2FmNdL2kxFGCvg8S%2B7Eofpr1IydluOqIfWfT7eJfVU2IMqipMQlA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9561&min_rtt=6102&rtt_var=1179&sent=337&recv=129&lost=0&retrans=0&sent_bytes=320568&recv_bytes=32541&delivery_rate=7582569&cwnd=135300&unsent_bytes=0&cid=79e83cb05850ba1f&ts=552&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c11d3bc-FRA
server: cloudflare

GET
H3 200 scenes-Benefit-Benefit.d16acabb.chunk.js Show response
ori-win.xyz/static/js/ 86 KB
20 KB 126ms
117ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/scenes-Benefit-Benefit.d16acabb.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b54cb082d6cb59a14f845fecd9ff1e703e6b78ec8ec78e6083412ba138f0bbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c8eef4"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z1gjPkwqD36P3aTR52RRW4w9Zd%2BVWn14lFOUnKLKh%2BF5FgreEi6IyBdu8oi3EDM9EYcU%2Fxz4rsxYVsbRbNxB2O7u8w%2BDuU70o9aC0lqknl5Zrl9lhRT2EDqHM3XbfJoU0KYtqfx79vNKGA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9700&min_rtt=6102&rtt_var=564&sent=391&recv=133&lost=0&retrans=0&sent_bytes=385003&recv_bytes=32721&delivery_rate=9045310&cwnd=161700&unsent_bytes=0&cid=79e83cb05850ba1f&ts=553&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c13d3bc-FRA
server: cloudflare

GET
H3 200 components-MbrAwardHist-MbrAwardHist.a03a7677.chunk.js Show response
ori-win.xyz/static/js/ 18 KB
5 KB 127ms
119ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/components-MbrAwardHist-MbrAwardHist.a03a7677.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13ceb858e0c9cb7461f930f8e6d4502d398b5c56cd5a0b1b64f793354e0818ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3282a28"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5hYr1k9uPul6cxQqjYTNnzi2KYaEcEL7GW23KygxDu0MPG8FJdgO0WnBNmN%2FomdvvAY94HTpFwbyHxZksp300%2FtqNJSZTBQ2B0L%2Fbl88EToAGomfEaISiFu4biFruVGz3hvjC9ouv2ufzw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8997&min_rtt=6102&rtt_var=1534&sent=401&recv=135&lost=0&retrans=0&sent_bytes=397003&recv_bytes=32809&delivery_rate=5405214&cwnd=177300&unsent_bytes=0&cid=79e83cb05850ba1f&ts=554&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c14d3bc-FRA
server: cloudflare

GET
H3 200 npm.react-fast-marquee.e1991896.chunk.js Show response
ori-win.xyz/static/js/ 4 KB
2 KB 129ms
121ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-fast-marquee.e1991896.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34d1ae69b231d46ff6beed320d6446e8228347e62331fb19147a1b536596a3f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9a6f5"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m5OVEKmNUbXQcUQGqCD0%2F8KeJOCTu0n%2FAkIRjhyisD8%2FToHPEbne0UohBgcAzlYDyr9BdigSvBRm0bcTzbOmWIv2bpBDC5neUwm3Vd07mosHdMIXejNMY0P3GKdkYJ7V9tQPbaBSYNCktg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9700&min_rtt=6102&rtt_var=564&sent=391&recv=133&lost=0&retrans=0&sent_bytes=385003&recv_bytes=32721&delivery_rate=9045310&cwnd=161700&unsent_bytes=0&cid=79e83cb05850ba1f&ts=553&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c16d3bc-FRA
server: cloudflare

GET
H3 200 components-RunningText-RunningText.983dd1f0.chunk.js Show response
ori-win.xyz/static/js/ 1 KB
1 KB 145ms
136ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/components-RunningText-RunningText.983dd1f0.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9be70928f47f4545656a3f3f787ebb2877b189129ad475fc970d7a029decaaeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c32867e5"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=29q6zuUecbtDMG8ZXsloQqKvE0NT2d4l86P%2B9iJlGJeO%2F97AizBYZ5POXUentzf2oIiQvmHIM4KboEE2MlgNNWYuV1pD0V1%2BrXXVxeZiGtzQaJXbkC5bQlaFW6aEVbxugW7qwNbTcfBgsg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8741&min_rtt=6102&rtt_var=1661&sent=430&recv=136&lost=0&retrans=0&sent_bytes=426635&recv_bytes=32853&delivery_rate=6407427&cwnd=177300&unsent_bytes=0&cid=79e83cb05850ba1f&ts=555&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c17d3bc-FRA
server: cloudflare

GET
H3 200 components-GameSummary-GameSummary.8168c127.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
3 KB 145ms
136ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/components-GameSummary-GameSummary.8168c127.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64b68e68256a6c2d9c48bb76e49e1dbb4710b2c7a510ab5c42c81e5e1d1bb107

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3287b93"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=04AkVbpuibESxLJQKGPN3%2B3cUawSiae%2FKVxYn%2BnagQkiMqVdymgn%2BL4Vm09aLkJJtX86HmJGBL65pInPzzt4nCy3OyOaJF7mmc7DRKePIeM%2FWJf7yOd8z00OUTW2i1j2CtgfaUHbsWwN%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8741&min_rtt=6102&rtt_var=1661&sent=430&recv=136&lost=0&retrans=0&sent_bytes=426635&recv_bytes=32853&delivery_rate=6407427&cwnd=177300&unsent_bytes=0&cid=79e83cb05850ba1f&ts=555&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c18d3bc-FRA
server: cloudflare

GET
H3 200 components-GameSummaryWinner-GameSummaryWinner.bc1979d9.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
3 KB 145ms
136ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/components-GameSummaryWinner-GameSummaryWinner.bc1979d9.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f840c21ed3d02f73150092882759761a3a8edd84cbc362fba87aae48f920a41

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9af30"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hjzAxfwgT2NSNLtZw2qhqQaHHfAj7f71XcJTZqITrphNHkju5Y2y12cbZUbS%2BF26NeiQRAxHZVnox8LLohiOljt9YRK%2FAuT7xHOYKWn6FqXqiDhsNez5Gnr09wTse%2FnGigAjMxjPCiuTgA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9700&min_rtt=6102&rtt_var=564&sent=391&recv=133&lost=0&retrans=0&sent_bytes=385003&recv_bytes=32721&delivery_rate=9045310&cwnd=161700&unsent_bytes=0&cid=79e83cb05850ba1f&ts=553&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c19d3bc-FRA
server: cloudflare

GET
H3 200 npm.react-countdown.32b1f294.chunk.js Show response
ori-win.xyz/static/js/ 9 KB
4 KB 130ms
121ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/npm.react-countdown.32b1f294.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce73ecc68ffd76b72ac10e2a988099748658dc03236671c856f3ed89f53c271c

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3284138"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gCxAWouMwOVBYoFfbI%2FmIkOUpoqbdNIlfdcWNLBHIHaCWBqJxDsnBSbhZgb%2BiShwSRFsQoZbQYvUzTvrZxAlFWEbYZfCo1RXbvCCJtZJmbSzPCMNRmw%2Flm1wpXCfJtFw%2F3CIEQUwZWeDuQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8833&min_rtt=6102&rtt_var=657&sent=503&recv=140&lost=0&retrans=0&sent_bytes=505861&recv_bytes=33033&delivery_rate=10970546&cwnd=210900&unsent_bytes=0&cid=79e83cb05850ba1f&ts=557&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c1cd3bc-FRA
server: cloudflare

GET
H3 200 components-TogelInfo-TogelCarousel.ddb8b76c.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
3 KB 140ms
132ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/components-TogelInfo-TogelCarousel.ddb8b76c.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cfacb332737b10102ee6a70a19e114094196f6597a824a746015d5c4bb40cdfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c3287a78"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zSKNdnjw5oY3L9Y2jNP9qWcLgMshNdik18RSjMUJWu0145XmtCz1WRxRbtpDKl3DK4g3L3gf8%2ByHDtoZAlDD601nK77z2s6FuLL%2B05%2Bsi9vb6dnI4qIZSAhYEAlBV%2F9scXI%2Bhfx%2Fdz%2BDhw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9700&min_rtt=6102&rtt_var=564&sent=391&recv=133&lost=0&retrans=0&sent_bytes=385003&recv_bytes=32721&delivery_rate=9045310&cwnd=161700&unsent_bytes=0&cid=79e83cb05850ba1f&ts=553&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c1dd3bc-FRA
server: cloudflare

GET
H3 200 components-GameEventInfo-GameEventInfo.5e547ca1.chunk.js Show response
ori-win.xyz/static/js/ 5 KB
2 KB 130ms
121ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/components-GameEventInfo-GameEventInfo.5e547ca1.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a58806ce1f660ef08e3098a885d27f5693229da9426a49d004c0a0babbecaee

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c32877fb"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gplat%2BEeDbcydLSULmDzPZ0FhQu617lTqPEnZKk%2FlzrAgiyMAz4yfkie1l7O5Jk7bXrucX3sIi6eBSCK3yv7ojGqJoBHGxFYSGVbGrzMnpAFjQ68rq3iYCwnxh%2BavOAYpekXYOcrWMy35A%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9700&min_rtt=6102&rtt_var=564&sent=391&recv=133&lost=0&retrans=0&sent_bytes=385003&recv_bytes=32721&delivery_rate=9045310&cwnd=161700&unsent_bytes=0&cid=79e83cb05850ba1f&ts=554&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c1ed3bc-FRA
server: cloudflare

GET
H3 200 PayDuration-PayDuration.0a6138de.chunk.js Show response
ori-win.xyz/static/js/ 2 KB
1 KB 130ms
121ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/PayDuration-PayDuration.0a6138de.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2c9bc0c723af88f8d6d3c8de2bd56660ce41577d15488d89f83a657ca5f5e0fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9b09d"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=F2yCdEHsS7Al37Hc7ZG%2FK5GoI88S40xyLq2ibMDzw5PQmUZUHGLHNwRU9OINZWVCGSMAgtWW1r9zSzKDdOMcmzGjexqlkFqKag01YFmvX902D%2BrWzl%2BAnlvNX1XulqXcbXI4ZHiMQvAlgA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9700&min_rtt=6102&rtt_var=564&sent=391&recv=133&lost=0&retrans=0&sent_bytes=385003&recv_bytes=32721&delivery_rate=9045310&cwnd=161700&unsent_bytes=0&cid=79e83cb05850ba1f&ts=554&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c21d3bc-FRA
server: cloudflare

GET
H3 200 components-QuickContact-QuickContact.c8cfb06f.chunk.js Show response
ori-win.xyz/static/js/ 8 KB
3 KB 129ms
121ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/components-QuickContact-QuickContact.c8cfb06f.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8bdbd660f169f119f24526b7d289f566ceb7e2c943997f25aff787b132fdfec

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c99635"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rq8WGOhAfzuk599HqGc1UlKZRimTEnwKTrQN1NllzcHQAU1Iur%2BtgAe0HT2sRWwHBi11g8S8oUM2EAdmFzsrziQ9l033Tnck6P9D1GptslFmdIUmWYeJU5sERn5Ia0b87DlWJ48JQK3ZmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8741&min_rtt=6102&rtt_var=1661&sent=430&recv=136&lost=0&retrans=0&sent_bytes=426635&recv_bytes=32853&delivery_rate=6407427&cwnd=177300&unsent_bytes=0&cid=79e83cb05850ba1f&ts=555&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c22d3bc-FRA
server: cloudflare

GET
H3 200 components-Footer-Footer.9cd678de.chunk.js Show response
ori-win.xyz/static/js/ 11 KB
3 KB 130ms
122ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/components-Footer-Footer.9cd678de.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e837b1ec051ead4667aa0f89998202705aaff739f70be7606fe6d004f8fb0803

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34c4c32848d4"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=elT2NdviLi4bofiu7s3AmAdkSj%2FpmaH%2FBcPInBpgcPWkPOMfyZXbVbC1dKrb61cug%2FPcYdDW7jRDnxT3pCDTU95UVM7ZnQAEbLEryYJ%2Fw6H5CdGCMRp470CvZdsRFjM%2BuTQQrJh2VlFgSA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=9700&min_rtt=6102&rtt_var=564&sent=391&recv=133&lost=0&retrans=0&sent_bytes=385003&recv_bytes=32721&delivery_rate=9045310&cwnd=161700&unsent_bytes=0&cid=79e83cb05850ba1f&ts=553&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 05:36:03 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c24d3bc-FRA
server: cloudflare

GET
H3 200 scenes-Award-Award.b1aa4ad9.chunk.js Show response
ori-win.xyz/static/js/ 70 KB
19 KB 130ms
122ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/scenes-Award-Award.b1aa4ad9.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

57286ac38494a319cf8ab7f6e5dc6e18bc71306ac56b2224d3e7ef0acbb6144b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c8a022"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AyMg4Vc5x6jHDCUiBnoHS0xB91BZP%2BPouY%2BNag3%2BXlrbb0jSMdT%2FcaZkZc%2B5QF%2BIQ7nmiakw%2F7d0gpvXupIeca6CjXn0Z9jhjtYDKuGWM72pB8jonDKMQ9VW0ldo5XcMXb%2Bbn47lSMameA%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8997&min_rtt=6102&rtt_var=1534&sent=403&recv=135&lost=0&retrans=0&sent_bytes=399200&recv_bytes=32809&delivery_rate=5405214&cwnd=177300&unsent_bytes=0&cid=79e83cb05850ba1f&ts=554&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49352c25d3bc-FRA
server: cloudflare

GET
H2 200 js15_as.js Show response
s10.histats.com/ 11 KB
4 KB 115ms
9ms Script
text/javascript 46.105.201.240
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://s10.histats.com/js15_as.js
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.105.201.240 , France, ASN16276 (OVH OVH SAS, FR),
Reverse DNS
Software: /
Resource Hash: 2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

x-request-id: 698454867
content-encoding: br
etag: "-375139978"
x-cdn-pop: sbg
x-cacheable: Matched cache
accept-ranges: bytes
x-cdn-pop-ip: 137.74.120.0/27
content-length: 4364
date: Mon, 02 Dec 2024 23:53:08 GMT
last-modified: Thu, 16 Apr 2020 10:44:16 GMT
content-type: text/javascript

GET
H3 200 home_icon.png
hiewr.h85cndf2moxnwjz.com/common/landing/t1/ 3 KB
4 KB 88ms
47ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/landing/t1/home_icon.png
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f68b95c0e8f0e819d3290e955263744794878999b569d9eac51a6018bddc6fc5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "cbf367485768ea88e2815c7417238df7"
x-amz-version-id: sYRF8OwkQ2tJfTTWosigpI0zeF6ezAv9
age: 539406
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9TGEeKXkXf72ACin6rdKv95wcRJGWyAdwzXT57NMxr2nyvd1DpSlMk2eWCqTScQbOBkT%2Bvkk00ZbOlK9z3MHgeZAApcmulooF3ejApfLDVBPsKICb8TLRGO%2F49aSzuVdeqVrF%2FQPQHaeGs80QC5GAcHTUkjkcGDy"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: ZmVvPHmMn_VpC1PIG30O9AgqcgTbrvDnfwoTQwJ8zT8l3ujSxyRX5Q==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:58:23 GMT
x-amz-meta-sha256: f68b95c0e8f0e819d3290e955263744794878999b569d9eac51a6018bddc6fc5
priority: u=2,i
x-amz-id-2: 4WeyWYSvRSaH75PVhgyUscLEZFJWVv2g2IyrogjIGN39KFFBoULJJRW/FGK2Ffq1HD82s8+U9hY=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=14267&min_rtt=10492&rtt_var=5264&sent=14&recv=14&lost=0&retrans=0&sent_bytes=6082&recv_bytes=6135&delivery_rate=55468&cwnd=12000&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=42&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210204T111356Z
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-request-id: 6608CX6YNG7S9DT1
cf-ray: 8ebf49351b6c9143-FRA
accept-ranges: bytes
content-length: 3506
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 slot_icon.webp
hiewr.h85cndf2moxnwjz.com/common/landing/t1/ 732 B
2 KB 87ms
46ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/landing/t1/slot_icon.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a033eb003735dea9aeb9d88aeaefd78b13120ce83d1c56a6106acd96164c64d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "e27e43f1b3d78e650d2e64f11af0838f"
x-amz-version-id: YlBZImm38GzPDswADuvN6aO9440QAR8d
age: 407709
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmr4TmD%2FTs04Gqz1%2BJWok38W8wKfRf1TooFBZY4XD2mtVjdEwNosfhKUuLjIOueKQaUbueogCJyEMsqxsaNcNr%2FXhy9GOizC1%2BPv8oUhZWGSiKZRU9QvtDiXxjtIU%2BiPDyI6mi%2FU%2FgnQMYu1Tu%2BtWwZ%2Fp54hAE1C"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: b4iKuWQr-kvHZWzSU3CID15XaEx2h7427N_Mfc7lSUS_1mRFtDnHiQ==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:58:27 GMT
x-amz-meta-sha256: 5a033eb003735dea9aeb9d88aeaefd78b13120ce83d1c56a6106acd96164c64d
priority: u=2,i
x-amz-id-2: //LxsCyzbaSnSmT45yZHE3ewjPKyix8VUpDj2Bw39hfveAYEcDaKYjyb2vyuEGSOxRKFpoj5ibY=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=14267&min_rtt=10492&rtt_var=5264&sent=12&recv=14&lost=0&retrans=0&sent_bytes=4159&recv_bytes=6135&delivery_rate=55468&cwnd=12000&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=42&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210204T071844Z
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-request-id: VN13STH4NAC8B3CS
cf-ray: 8ebf49351b6d9143-FRA
accept-ranges: bytes
content-length: 732
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 live_icon.webp
hiewr.h85cndf2moxnwjz.com/common/landing/t1/ 798 B
2 KB 59ms
48ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/landing/t1/live_icon.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ef591781e69b86f1167407440bc4bf2342f4f8e5be9188b4e7547921fda4affd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "af030494ad9d3f9e8de1f3ebed94b2eb"
x-amz-version-id: 8ejInq.Serx_0_u3sk765jPUr8XzMA8l
age: 18261
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BJ9Wi5jVP9hnvtncDpKmHWe%2BxBAy1n4nAltvwNBYByU6YKbWBW87wvuwd7CvxBPgJxTzw9YtRsfFy1%2FNGmUb21BKaeX3m4nOggD1tx9L%2FmdXkAyNJTnEaTmiwS0Fmu6Eyo6KFnVVOZG5mrbasBuGGeSNI9Oaw9a"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: fHgkVkl4vhpuje_MlAestgZMQaaEsDeB69yrIYAQRTNXB_Mjt04A7g==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:58:24 GMT
x-amz-meta-sha256: ef591781e69b86f1167407440bc4bf2342f4f8e5be9188b4e7547921fda4affd
priority: u=2,i
x-amz-id-2: gWjuBSRoeEiWO6c6cX69UP4vD4rkZ+9rMTdZF5f5/n6kkEjoTgn8FDg638dJxMnJB4yPpqFCbb0=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=14267&min_rtt=10492&rtt_var=5264&sent=18&recv=14&lost=0&retrans=0&sent_bytes=10783&recv_bytes=6135&delivery_rate=55468&cwnd=12000&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=42&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210204T071842Z
via: 1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-request-id: 7V7HGAP2A1P069RZ
cf-ray: 8ebf49351b6f9143-FRA
accept-ranges: bytes
content-length: 798
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 sbk_icon.png
hiewr.h85cndf2moxnwjz.com/common/landing/t1/ 4 KB
5 KB 61ms
49ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/landing/t1/sbk_icon.png
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9ecd16ca55e87719d5d8a7b43cd08adffec5bfb2b90e6c142c7222d71e6ba70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "cda5c26f3dfa37f2e25eb17c39c6bdec"
x-amz-version-id: k2Vt3f1VNXMwYfyHXOZ8pKLZdDB7x0wy
age: 539405
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A8k1efM21rV6a6ZGtFcf95gla1COEAnWg8SSZrwJmcHl9bZYHDgr0M3%2Bej%2BVHPEsckKM2tE4tT0bhBq7LKJ0XtByjkFJ%2FutMW5ifDtViK2bxTcKUmL%2BByuVo3BZEnTHiT8fmkI1Gb4LuH1EJJR1DIyX1eqjHb8Y%2F"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 0jUUgH-YHqzqYT6jv--fcjP7HJ6-IdcPCL71FQD-oZ_MH5sRogWhwA==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:58:27 GMT
x-amz-meta-sha256: a9ecd16ca55e87719d5d8a7b43cd08adffec5bfb2b90e6c142c7222d71e6ba70
priority: u=2,i
x-amz-id-2: gU+rzFrFZ72QWT8dZLq5cOSdBia/TRf2ExZTFVaGe+OxSmxJCWR/CpSem/Zq75WHgJwAshZ7oow=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=14267&min_rtt=10492&rtt_var=5264&sent=20&recv=14&lost=0&retrans=0&sent_bytes=12729&recv_bytes=6135&delivery_rate=55468&cwnd=12000&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=45&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210204T111357Z
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-request-id: 7D2GS7V34J3P3491
cf-ray: 8ebf49351b719143-FRA
accept-ranges: bytes
content-length: 3833
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 fish_icon.webp
hiewr.h85cndf2moxnwjz.com/common/landing/t1/ 1 KB
3 KB 61ms
50ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/landing/t1/fish_icon.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0077e95f870ea403c2c57eb6b1344425240dbaa97d1162602c07d3c484071c80

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "7fcf7a8b2cd1d6a1fea92cd62a32e014"
x-amz-version-id: RprPu0ma1CxZAXM0v7AmEcbe8D2MvGi0
age: 5346
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TcTyr0pAI2R%2F4V1d6UPljANwl4D4dqysUZiHGDD2FC9hsiWELwk3jnhnYzTmljh%2BvU2EaujoFmN0y%2Bc6gXmhnO5IGTiQaJ2q3Uu8oU6zzlXcgXRdpzPt8qHUE%2FLQk0NB7sUpkIrikZ8%2FkDECqjvot5erDVplwnAk"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: oVoK_h1oSkZjdlpdwHGybIOHunjFl1T06e7JjldvMcVed1OOQrZanA==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: image/webp
last-modified: Sun, 16 Apr 2023 06:51:57 GMT
x-amz-meta-sha256: 0077e95f870ea403c2c57eb6b1344425240dbaa97d1162602c07d3c484071c80
priority: u=2,i
x-amz-id-2: 72jBUkJZJz3MJgHdqzCp2n1JEJoYLpNocD7lk2XXLnGwMZzmWZ2keNB2I1NOxg7EXwEH0OCm0Aw=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=14267&min_rtt=10492&rtt_var=5264&sent=23&recv=14&lost=0&retrans=0&sent_bytes=16131&recv_bytes=6135&delivery_rate=55468&cwnd=12000&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=48&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20230416T064252Z
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-request-id: VNFDWMPF65W77M5V
cf-ray: 8ebf49351b729143-FRA
accept-ranges: bytes
content-length: 1498
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 togel_icon.png
hiewr.h85cndf2moxnwjz.com/common/landing/t1/ 2 KB
3 KB 54ms
38ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/landing/t1/togel_icon.png
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a9326398ea393475189641edb97e55a2dae5220268137d9047e6a5dfc846b9f2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: l6r_ZaNlRVH1nTsN0KoXh5aU..2c9wjx
etag: "7542cac014f2dbf81b811e97832da110"
age: 3119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CNORgjZigknW7C0Jg901oCw8yEMn819lTw53VnLEFL0ZKAW3M5u%2FsdNj%2BG%2FJOblAMKEnkI6UslYpfEWp1JLsOXs16BjvRvz1KyqczOjIzT4ZuPDxtbzXDEJBb0ht0Iivd%2BpFEmkD1qwQgNHAsH4szEYciwMA1SHG"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: n7jGSi-8eBjIt2rnUCYoqiXohHYIQYRrSDTpEzhgvayA7YH7OYxPEg==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: image/png
last-modified: Wed, 16 Mar 2022 08:21:43 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: XsYEgWB5FtFosK+PLUVMz78ZL8T/eBwVhCN0QmpkX6zHuk09a2SuA00hubdGqvM8Kf3DdD3fn+HwL3NeDEKbvM9c0Q8LWiZl8ErN9ucjTbo=
server-timing: cfL4;desc="?proto=QUIC&rtt=10136&min_rtt=6636&rtt_var=2181&sent=74&recv=37&lost=0&retrans=0&sent_bytes=71270&recv_bytes=8989&delivery_rate=1189409&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=104&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
x-amz-request-id: 7D2NVMG2P4H10AHC
cf-ray: 8ebf49356b9d9143-FRA
accept-ranges: bytes
content-length: 2100
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 binary_icon.png
hiewr.h85cndf2moxnwjz.com/common/landing/t1/ 19 KB
20 KB 42ms
25ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/landing/t1/binary_icon.png
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c924919361c5035ed59ede91ca97ebff1c00eba99b7aae914cb134c8cac4ccd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: 6DFoO7yGfD.VNczfr7shpfRt2Zqxmwka
etag: "5fa0fdbe976d3210cb32f08ec26ea0c0"
age: 5374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i3iiV4YTMSa7yocCwIxvDojQfU9oC3ipOZX2%2Fv%2BO0Y2pJGBg2YJyu5389xWduO7jaiW0iz9DVSXDeVB5n%2FARChPX2fAfjwJNzm14aHjc1buGTjetcwe5vonp6nw7NpMzFLhB2lbpW9Gfg4%2F1tMhvmJiw3uEkPYYH"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 7S2BtGXVRSOGr8ItvbxNLQE71H6YrSGeiRh1Rzh27MiwegSna-jHjQ==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: image/png
last-modified: Mon, 14 Feb 2022 10:37:53 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: aXa5nAucIPIv7v3Z7hEE/b1qLk99Tndv1Kh9qKelbCpPCR64KQGPmu5Hrap77StyC+emDKYPKXXMwyOeQg57Xv169ahB8FbuHb4e7VjhvDs=
server-timing: cfL4;desc="?proto=QUIC&rtt=12405&min_rtt=6636&rtt_var=5564&sent=30&recv=29&lost=0&retrans=0&sent_bytes=20540&recv_bytes=8645&delivery_rate=317425&cwnd=19200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=94&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-request-id: MXVMVB32CZJ1YSJE
cf-ray: 8ebf49356b9f9143-FRA
accept-ranges: bytes
content-length: 19488
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 event_icon.png
hiewr.h85cndf2moxnwjz.com/common/landing/t1/ 20 KB
21 KB 52ms
36ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/landing/t1/event_icon.png
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cd8b9feb00728e07feade0509d065aef51dd099fba936e7beabbf2eee113d79f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: zy7At.Kdqg7lkqf_wEMD51EGht9fipaO
etag: "e35c2ba93615748baba443f817d02403"
age: 7182
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Wjo4Ej539GosIyGtU%2B6%2Fa1Zvil2P0CPMbMDdb%2FRyS6nXqGyvj3H%2BMEWhyA0iWNDzZ7NmpQg9KAzNNCDFgqRpVNRQmmXTdLdWo%2FQEpJsY8v56HCgr%2B0napQBMcj58bdbzZYTSjvBoKEMUxhw1QZ4hFqc2s%2BbHFkoa"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: enc0l8sRh5ZytCkMtqrWfIQEAxmOf40add9Txi8OS_DubkGDytlWSQ==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: image/png
last-modified: Mon, 14 Feb 2022 10:37:53 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: msOPDRTtLbbDM6qELRJqgGfJjRShFzVItiHJOtTUSgYbD5BjWW7EYTr5lzzoR+3RQ8OPh/Stz4xeR2utcYNShg3RUswfDmno/reWyhDeLg0=
server-timing: cfL4;desc="?proto=QUIC&rtt=12405&min_rtt=6636&rtt_var=5564&sent=40&recv=29&lost=0&retrans=0&sent_bytes=32540&recv_bytes=8645&delivery_rate=317425&cwnd=19200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=95&x=1", cfExtPri, cfHdrFlush;dur=8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 ab3010c44069f62a66a4882fcd391e60.cloudfront.net (CloudFront)
x-amz-request-id: SCXWZDE5GTG7C30R
cf-ray: 8ebf49356ba09143-FRA
accept-ranges: bytes
content-length: 20103
x-amz-cf-pop: FRA56-P9
server: cloudflare

GET
H3 200 benefit_icon.png
hiewr.h85cndf2moxnwjz.com/common/landing/t1/ 4 KB
5 KB 53ms
37ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/landing/t1/benefit_icon.png
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 03f9cd544e2f6a51185fe9d8b6a2238edb139164f7cd11821d82fa3df9b64209

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "c62fd70f457cb3448d3adc8671639ef3"
x-amz-version-id: nHS2yTb1Vnm78uZa1dfmz94GxfrDB8e3
age: 146805
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbGbNpSIQlq%2BMnpkYEV5snkVKyHxfwH%2FvtP%2FIXs%2FKfDwNtihvdlH07sB1VYGDNCd3XhJgud5S1CQr8lyXxGFy3s2XyAmU1cvEfZUohwpMBbQVp4TWRQVv%2FehhyZ2pTNUShGXXCApqgkACt19tScVExYjdSpQHKKh"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: WwvilNSFkwzgLdoXboDE7YWk23YEWbnB7rzJ4hh6rearB34W62_nZQ==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:58:22 GMT
x-amz-meta-sha256: 03f9cd544e2f6a51185fe9d8b6a2238edb139164f7cd11821d82fa3df9b64209
priority: u=3,i
x-amz-id-2: 8OAN0hNJIlRZpywzFj1JDGm565NGz26dPlz38p/g6jmfHqdoYvhBnbTkHJPidgXXZz+7G3+NRrs=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=12405&min_rtt=6636&rtt_var=5564&sent=46&recv=29&lost=0&retrans=0&sent_bytes=39740&recv_bytes=8645&delivery_rate=317425&cwnd=19200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=95&x=1", cfExtPri, cfHdrFlush;dur=8
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210204T111356Z
via: 1.1 ed7f977b6d983a16331e3fe3f4764e9a.cloudfront.net (CloudFront)
x-amz-request-id: 80FH822PZ65SKTRD
cf-ray: 8ebf49356ba19143-FRA
accept-ranges: bytes
content-length: 3731
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 security.webp
hiewr.h85cndf2moxnwjz.com/common/others/ 2 KB
3 KB 53ms
37ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/others/security.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fe35a6e268819a720f6fcbc20bcd6e75efdbadf471ce0ebc298668f21a56c4a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "efa60b65bf6dab8b0d45a64b20f15ffa"
x-amz-version-id: Oi6Ra0BnhtA3B3qa9abuGDtsHL92Lv4a
age: 5374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7O7VkuMURcfrE6y2FuzRbnJVlYlIQUZZX0TMHyDpCo6MOpuKDH85T%2B8JzmAZaqgS%2BKLzFOLKN9sZ269ZM4%2BMNtxDENjeXHM1icKY5i0VQ4polC5qA8vjbxBvrsXtKWxS%2BDT15pmpLvd7SPaL4aRFuzoN5p5AsjgO"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: VoqtpPtcpwqvM-4RyNXDIDE-thkODS8O04QiYXIcBIT3Ki9YGTI4Fg==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/octet-stream
last-modified: Fri, 26 Feb 2021 08:17:56 GMT
x-amz-meta-sha256: 3fe35a6e268819a720f6fcbc20bcd6e75efdbadf471ce0ebc298668f21a56c4a
priority: u=3,i
x-amz-id-2: AtSRfl/8L5KdYKbDH7upggz1kMYz8xtXvg21eubGgkOmuotyUSSNqKPrzG0RPfgpK/eO4kQpyr15QJSjC+qDOeBby1IJR+XAE99vEQ6/vCQ=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=12405&min_rtt=6636&rtt_var=5564&sent=46&recv=29&lost=0&retrans=0&sent_bytes=39740&recv_bytes=8645&delivery_rate=317425&cwnd=19200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=95&x=1", cfExtPri, cfHdrFlush;dur=8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210226T081730Z
via: 1.1 760a29e891ec10bba1274911260e1fc8.cloudfront.net (CloudFront)
x-amz-request-id: RXXMMQ3QM06ABCP9
cf-ray: 8ebf49356ba29143-FRA
accept-ranges: bytes
content-length: 2018
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 AG-w64.webp
hiewr.h85cndf2moxnwjz.com/common/others/ 80 B
1 KB 65ms
48ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/others/AG-w64.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6f815b845b3e9582c26fae94d6d272e977ecca4b38d08713a88264380e84df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "57661f07e04350a04d1d9a9645014fe5"
x-amz-version-id: _ObQXPHMJ8FyeB1F0man.h0PQnwlCVob
age: 5374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OJJHnhipmIBwc2sX2vnRKm8d7NCNFQZxMZk9Zt9ieYyEurf3dFenRrqFVPAr5Do5WCW164IOZcpzR8J0YkIh8iJGiMIxCTFEJ9xdbELrOunUWv4mU3GZ8oHBvzguO9x7u6f2jfxEn5TS7eD6tgAP7l4j5BmtHXEG"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 0dtkNmgOyODfnpunnEdn437QTTRSY2wT2MjFuUrTizA67IZOykLj_Q==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/octet-stream
last-modified: Sat, 12 Jun 2021 08:53:20 GMT
x-amz-meta-sha256: 8a6f815b845b3e9582c26fae94d6d272e977ecca4b38d08713a88264380e84df
priority: u=3,i
x-amz-id-2: xwYcLOH0wE6Xpx9bG1zNGE2iDSZ4rESwFipIE3bVVHBnMCltemobk1XV7FOEEApTQpagU4xeegM=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10136&min_rtt=6636&rtt_var=2181&sent=77&recv=37&lost=0&retrans=0&sent_bytes=74467&recv_bytes=8989&delivery_rate=1189409&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=108&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210612T084723Z
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-request-id: RXXV8HT4D1Q970B0
cf-ray: 8ebf49356ba49143-FRA
accept-ranges: bytes
content-length: 80
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H/1.1 200
OK 0.php Show response
s4.histats.com/stats/ 51 B
185 B 315ms
100ms Script
text/html 149.56.240.31
OVH OVH SAS

General

Check archive.org

Show headers Download Go to

Full URL: https://s4.histats.com/stats/0.php?4819056&@f16&@g1&@h1&@i1&@j1733184126340&@k0&@l1&@mORIBET%20%3A%20Situs%20Game%20Online%20Gacor%20Deposit%20QRIS%201%20Detik%20Langsung%20Masuk&@n0&@o1000&@q0&@r0&@s0&@tde-DE&@u1600&@b1:6241330&@b3:1733184126&@b4:js15_as.js&@b5:60&@a-_0.2.1&@vhttps%3A%2F%2Fori-win.xyz%2F&@w
Requested by: Host: s10.histats.com
URL: https://s10.histats.com/js15_as.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.56.240.31 Montreal, Canada, ASN16276 (OVH OVH SAS, FR),
Reverse DNS: ns534110.ip-149-56-240.net
Software: /
Resource Hash: 0c23576fa12eb371e1a446fe96fdbca81ca6eb7fbd9a371def2e15751c0cd6d5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

Content-Length: 51
Date: Tue, 03 Dec 2024 00:01:53 GMT
Content-Type: text/html;charset=UTF-8
Connection: close

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 41ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XSCBCQCVWJ&gtm=45je4bk0v9172504672za200&_p=1733184126198&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1699786867.1733184126&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733184126&sct=1&seg=0&dl=https%3A%2F%2Fori-win.xyz%2F&dt=ORIBET%20%3A%20Situs%20Game%20Online%20Gacor%20Deposit%20QRIS%201%20Detik%20Langsung%20Masuk&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=931
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XSCBCQCVWJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ori-win.xyz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: text/plain
server: Golfe2

OPTIONS
H2 204 gameProvByGameType
www.aryagames.com/member/api/common/ Frame 0
0 1021ms
986ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameProvByGameType?gameType=SLOT&brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc1ad3c1-FRA
date: Tue, 03 Dec 2024 00:02:07 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 gameListByType
www.aryagames.com/member/api/common/ Frame 0
0 1056ms
1022ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=LIVE&brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc21d3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 gameListByType
www.aryagames.com/member/api/common/ Frame 0
0 1066ms
1032ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=LIVE&brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc37d3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 gameListByType
www.aryagames.com/member/api/common/ Frame 0
0 1034ms
1001ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=SPORTSBOOK&brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc1ed3c1-FRA
date: Tue, 03 Dec 2024 00:02:07 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 gameProvByGameType
www.aryagames.com/member/api/common/ Frame 0
0 1015ms
982ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameProvByGameType?gameType=FISHING&brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc1cd3c1-FRA
date: Tue, 03 Dec 2024 00:02:07 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 gameListByType
www.aryagames.com/member/api/common/ Frame 0
0 1047ms
1015ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=TOGEL&brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc23d3c1-FRA
date: Tue, 03 Dec 2024 00:02:07 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 gameListByType
www.aryagames.com/member/api/common/ Frame 0
0 1071ms
1039ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=BINARY&brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc29d3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 GetBrandTemplates
www.aryagames.com/member/Template/ Frame 0
0 1054ms
1022ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Template/GetBrandTemplates?brandCode=0000007&pathName=benefit&device=WEB&lang=id
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc26d3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 GetAllBrandContact
www.aryagames.com/member/BrandContact/ Frame 0
0 1020ms
988ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/BrandContact/GetAllBrandContact?brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc28d3c1-FRA
date: Tue, 03 Dec 2024 00:02:07 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 GetBrandTemplates
www.aryagames.com/member/Template/ Frame 0
0 1058ms
1026ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Template/GetBrandTemplates?brandCode=0000007&pathName=landing&device=WEB&lang=id
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc30d3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 GetBrandTemplates
www.aryagames.com/member/Template/ Frame 0
0 1069ms
1037ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Template/GetBrandTemplates?brandCode=0000007&pathName=landing&device=WEB&lang=id
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc2ed3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 0000007
www.aryagames.com/member/Msg/GetAncmntMsg/ Frame 0
0 1044ms
1013ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Msg/GetAncmntMsg/0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc2ad3c1-FRA
date: Tue, 03 Dec 2024 00:02:07 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 0000007
www.aryagames.com/member/Msg/GetRunningTextMsg/ Frame 0
0 1018ms
987ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Msg/GetRunningTextMsg/0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc33d3c1-FRA
date: Tue, 03 Dec 2024 00:02:07 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 GetMbrGameSummaryByGameType
www.aryagames.com/member/MbrGameSummary/ Frame 0
0 1051ms
1022ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/MbrGameSummary/GetMbrGameSummaryByGameType
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc2cd3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 GetMbrGameSummaryByMember
www.aryagames.com/member/MbrGameSummary/ Frame 0
0 1051ms
1021ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/MbrGameSummary/GetMbrGameSummaryByMember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc16d3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 gameListByType
www.aryagames.com/member/api/common/ Frame 0
0 1051ms
1022ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=TOGEL&brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc10d3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 GetTogelResult
www.aryagames.com/member/MbrGameSummary/ Frame 0
0 1034ms
1005ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/MbrGameSummary/GetTogelResult?brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc14d3c1-FRA
date: Tue, 03 Dec 2024 00:02:07 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 GetActiveEvt
www.aryagames.com/member/GlobalEvt/ Frame 0
0 1066ms
1038ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/GlobalEvt/GetActiveEvt?brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc12d3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 0000007
www.aryagames.com/member/Msg/GetWelcomeMsg/ Frame 0
0 1045ms
1018ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Msg/GetWelcomeMsg/0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc0dd3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

OPTIONS
H2 204 GetBrandStatusByBrandCode
www.aryagames.com/member/BrandStg/ Frame 0
0 1038ms
1012ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/BrandStg/GetBrandStatusByBrandCode?brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4939cc09d3c1-FRA
date: Tue, 03 Dec 2024 00:02:07 GMT
server: cloudflare
x-powered-by: ASP.NET

GET
H3 200 InterVariable.499fcada.woff2
ori-win.xyz/static/media/ 337 KB
338 KB 20ms
19ms Font
font/woff2 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/media/InterVariable.499fcada.woff2

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/static/css/client.1c7fe4da.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ori-win.xyz
Referer: https://ori-win.xyz/static/css/client.1c7fe4da.chunk.css

Response headers

cf-cache-status: HIT
etag: "1db34c4c28a88f4"
age: 7180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=11XABv7zyT5497RF6fQetm%2B5M5ePi8Uv9vVHMwCioFz72aTw5RxlTCJtRDw7CpejS%2FmhRZ9skobQQwVfKmTCKbMnn4tKfgS7v%2F3ajGCLEMRn5loBCWDeV%2FkWUfNVce1JOBxoD%2FgWirESsw%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28073&min_rtt=6102&rtt_var=20087&sent=564&recv=176&lost=10&retrans=10&sent_bytes=554007&recv_bytes=36079&delivery_rate=72584&cwnd=150150&unsent_bytes=0&cid=79e83cb05850ba1f&ts=1262&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: font/woff2
last-modified: Tue, 12 Nov 2024 05:36:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4939a9a7d3bc-FRA
accept-ranges: bytes
content-length: 345588
server: cloudflare

GET
H2 200 gameProvByGameType Show response
www.aryagames.com/member/api/common/ 3 KB
611 B 282ms
282ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameProvByGameType?gameType=SLOT&brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5677d70ff3f3dc4a2d717bee990ed7193d0d620d9718d2d44af8721b3f315e56

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8GBE99B69H:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf493fdbffd3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 gameListByType Show response
www.aryagames.com/member/api/common/ 12 KB
1 KB 284ms
284ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=LIVE&brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3ac92162c0a4e45d4fcbae2db7a4c5114762a2b19493be39feb58387caee555c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K2L:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49401c53d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 gameListByType Show response
www.aryagames.com/member/api/common/ 12 KB
1 KB 564ms
288ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=LIVE&brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3ac92162c0a4e45d4fcbae2db7a4c5114762a2b19493be39feb58387caee555c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K3C:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf4941de93d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 gameListByType Show response
www.aryagames.com/member/api/common/ 4 KB
645 B 286ms
286ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=SPORTSBOOK&brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f28f003632affcd8499b8ef8cd00e5f53ba354f7788f33285be728a972e9ac75

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8GBE99B69J:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf493ffc27d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 gameProvByGameType Show response
www.aryagames.com/member/api/common/ 407 B
285 B 301ms
301ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameProvByGameType?gameType=FISHING&brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1d7ce374d0f1d1b27b283d563f746d78557127e254cf244f2ac76902b202e202

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8GBE99B69G:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf493fdbf6d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 gameListByType Show response
www.aryagames.com/member/api/common/ 688 B
441 B 319ms
319ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=TOGEL&brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f70e73092ed3ce7f80334efb0030d0f27bbd892ecc4b286e5bd275d35167a9c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K2I:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49400c42d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 gameListByType Show response
www.aryagames.com/member/api/common/ 693 B
447 B 298ms
298ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=BINARY&brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6b7f0edfe5f70b8f10f7b0f0508514b4b5c7a90ff4bea9f290dd9e71730382d3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K2O:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49402c72d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 GetBrandTemplates Show response
www.aryagames.com/member/Template/ 3 KB
779 B 285ms
285ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Template/GetBrandTemplates?brandCode=0000007&pathName=benefit&device=WEB&lang=id
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: a64ebc3cc41719048b05d570f4fe8c378382bd95ca045458ea25f5bbc3413de5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K2K:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49401c56d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

POST
H2 200 GetAllBrandContact Show response
www.aryagames.com/member/BrandContact/ 3 KB
857 B 279ms
279ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/BrandContact/GetAllBrandContact?brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 3a2c352b5480c07b497551620488c18c515b07dc6b758bd21312136d7b300d9c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K2D:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf493fdc0bd3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 GetBrandTemplates Show response
www.aryagames.com/member/Template/ 7 KB
2 KB 286ms
286ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Template/GetBrandTemplates?brandCode=0000007&pathName=landing&device=WEB&lang=id
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b1597e1e49afe76491fa2405353ab0eace948272d279db7e0ec7cb5468cee007

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8GBE99B69Q:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49401c5bd3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 GetBrandTemplates Show response
www.aryagames.com/member/Template/ 9 KB
2 KB 557ms
282ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Template/GetBrandTemplates?brandCode=0000007&pathName=landing&device=WEB&lang=id
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d164ab1ed5bc0c4c7730ef227e07061674572d0ce671d1865f4bc2062334b4d7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K3B:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf4941ee9cd3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 0000007 Show response
www.aryagames.com/member/Msg/GetAncmntMsg/ 110 B
164 B 287ms
287ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Msg/GetAncmntMsg/0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d6a462521daf57ccb1e2aa796e34d0d1238b6181d3ca17333385cb128e12735b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8GBE99B69M:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49400c41d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 0000007 Show response
www.aryagames.com/member/Msg/GetRunningTextMsg/ 110 B
187 B 294ms
293ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Msg/GetRunningTextMsg/0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d6a462521daf57ccb1e2aa796e34d0d1238b6181d3ca17333385cb128e12735b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K2F:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf493fdc02d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

POST
H2 200 GetMbrGameSummaryByGameType Show response
www.aryagames.com/member/MbrGameSummary/ 4 KB
824 B 530ms
528ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/MbrGameSummary/GetMbrGameSummaryByGameType
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: aae0a0235dd8fb6c1c13364b5475485bb1b6663b5e6cdd3346fa3a82b9c8f2b9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8GBE99B69P:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49401c52d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

POST
H2 200 GetMbrGameSummaryByMember Show response
www.aryagames.com/member/MbrGameSummary/ 4 KB
889 B 569ms
567ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/MbrGameSummary/GetMbrGameSummaryByMember
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d58d13c6d34bb37ac055e8546e3711ecafc1680d148c08660ed19f4f85326a91

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8GBE99B69O:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49401c50d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 gameListByType Show response
www.aryagames.com/member/api/common/ 950 B
472 B 600ms
289ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameListByType?gameType=TOGEL&brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 92e544478afb60af3d77e3c9bbf273c6164c3e18341e277b253c00b9383ec691

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8GBE99B6AM:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49420ec7d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 GetTogelResult Show response
www.aryagames.com/member/MbrGameSummary/ 1 KB
519 B 414ms
414ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/MbrGameSummary/GetTogelResult?brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c6d620c3bd9cff0178de495bf40626a61b6e146f28276d70445dcc88bab9ea6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8GBE99B69K:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf493ffc35d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

POST
H2 200 GetActiveEvt Show response
www.aryagames.com/member/GlobalEvt/ 110 B
164 B 290ms
290ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/GlobalEvt/GetActiveEvt?brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d6a462521daf57ccb1e2aa796e34d0d1238b6181d3ca17333385cb128e12735b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8GBE99B69S:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49402c6fd3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 0000007 Show response
www.aryagames.com/member/brandbankacc/GetGeneralBank/ 8 KB
1 KB 1080ms
1053ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/brandbankacc/GetGeneralBank/0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 81efa3d9f0b2999a64c52f2efa9e425cff1a2d4e887be0f97267a8035ed204ca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K24:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf4939cc0ed3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 0000007 Show response
www.aryagames.com/member/Msg/GetWelcomeMsg/ 110 B
164 B 284ms
284ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/Msg/GetWelcomeMsg/0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d6a462521daf57ccb1e2aa796e34d0d1238b6181d3ca17333385cb128e12735b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8GBE99B69L:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49400c4bd3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json; charset=utf-8
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 GetBrandStatusByBrandCode Show response
www.aryagames.com/member/BrandStg/ 428 B
296 B 282ms
282ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/BrandStg/GetBrandStatusByBrandCode?brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 865377def79c09d847783482c5448fa2eefedf13862142950e3b8b1ec19d947e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K2H:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49400c40d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json
x-powered-by: ASP.NET
server: cloudflare

GET
H3 200 id.json Show response
hiewr.h85cndf2moxnwjz.com/common/translations/ 46 KB
14 KB 626ms
613ms Fetch
application/json 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/translations/id.json
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fcbba9d341378b70cecb70da8046aca390461d6d45ea0c6aa1f40b9d3ede521

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"7ae558f8b5fc185097dadf64c18cac0b"
x-amz-version-id: 8t4S676dngszF1EklSnGHCpl3GgqzBqR
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8V7xQy6pSDS5FfUmjmeSL4nQgtEIr8s%2BBl%2BFDys6%2BLBzEzm35fl1TFwmHeKc5tp1oSzVU4NgoNwBWahQx6P9T2cjKX9V7SLWkhsW97CW1nUAvfvY755mMs9N195MonTtszmYZZxp0jiUlHmr0ic4cSo1ZVsG1Ar%2F"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: HEAD, GET, POST, PUT
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 2D-653FZY7ditIHLPZzsHJQwHijyWsCob-amEoktM_YjMGA97lMFWg==
date: Tue, 03 Dec 2024 00:02:07 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
x-amz-meta-sha256: 3fcbba9d341378b70cecb70da8046aca390461d6d45ea0c6aa1f40b9d3ede521
last-modified: Thu, 17 Oct 2024 04:09:47 GMT
x-amz-id-2: 5DxkmgBmUpaUhF0U6K5jvXAOlUv696Yt3thgiJfaOtCUgnWqRKHStl4Oh6qVqpIatGcGAIj0eTY=
priority: u=1,i
server-timing: cfL4;desc="?proto=QUIC&rtt=11030&min_rtt=7448&rtt_var=7905&sent=11&recv=9&lost=0&retrans=0&sent_bytes=2208&recv_bytes=4148&delivery_rate=881&cwnd=12000&unsent_bytes=0&cid=021ed7fa7120d6b0&ts=618&x=1", cfExtPri, cfHdrFlush;dur=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20241017T040727Z
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-request-id: FAENHTC7B0VAZH25
cf-ray: 8ebf49399f218f41-FRA
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 components-SEOFooter-SEOFooter.bb681597.chunk.js Show response
ori-win.xyz/static/js/ 6 KB
3 KB 16ms
15ms Script
application/javascript 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/js/components-SEOFooter-SEOFooter.bb681597.chunk.js

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/runtime.01c604fb.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8179196dfe53174e17de7188632a1d5ae8369abb2290d02dc417d2aa8772d531

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: zstd
cf-cache-status: HIT
etag: W/"1db34cfb2c9a1c3"
age: 7180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V0X65T5OHivG75%2F7kD%2B71dZqdLQMEa7usGbeIg5h8t86eqH%2Fn5yyN8%2B6jKSZnyNPtT%2BnMW3YPDN5mBSbgAmK42sRU0JVnrtuSTbpsJxXL6%2FTMgCd%2BbBtlZ1LBtOQrtPx4a2WIspK1HPIxg%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28073&min_rtt=6102&rtt_var=20087&sent=560&recv=174&lost=10&retrans=10&sent_bytes=550858&recv_bytes=35019&delivery_rate=72584&cwnd=150150&unsent_bytes=0&cid=79e83cb05850ba1f&ts=1252&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/javascript
last-modified: Tue, 12 Nov 2024 06:54:20 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf49399990d3bc-FRA
server: cloudflare

GET
H3 200 Inter-Regular.46a1550a.woff2
ori-win.xyz/static/media/ 106 KB
107 KB 34ms
34ms Font
font/woff2 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/static/media/Inter-Regular.46a1550a.woff2

Requested by

Host: ori-win.xyz
URL: https://ori-win.xyz/static/css/client.1c7fe4da.chunk.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://ori-win.xyz
Referer: https://ori-win.xyz/static/css/client.1c7fe4da.chunk.css

Response headers

cf-cache-status: HIT
etag: "1db34c4c28e6ac8"
age: 7180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jMb80G5lSFKnLZ7fvr59YAaXZ2IUzBDJFTykPuEc3bsHIaIdh1WyHa%2FUvWnw8ishsFmRzurHma%2FBmS0rMbHo1GuLgXdbdbaBkzyc%2FolJMgn3cqU5H23LiOZUr4bUqrOQvAoJ%2FQMWEr3JpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=28073&min_rtt=6102&rtt_var=20087&sent=687&recv=176&lost=10&retrans=10&sent_bytes=701008&recv_bytes=36079&delivery_rate=72584&cwnd=150150&unsent_bytes=0&cid=79e83cb05850ba1f&ts=1264&x=1", cfHdrFlush;dur=10
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: font/woff2
last-modified: Tue, 12 Nov 2024 05:36:02 GMT
vary: Accept-Encoding
strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8ebf4939a9a8d3bc-FRA
accept-ranges: bytes
content-length: 108488
server: cloudflare

GET
H3 200 helpCenter.webp
hiewr.h85cndf2moxnwjz.com/common/messaging/ 2 KB
4 KB 31ms
30ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/messaging/helpCenter.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1b91ff924cfb0ab57b29660e3364ce37584754b6dd1f2218f90df02d0e5ae88c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "8f0e821bc3b398983df651dc38305980"
x-amz-version-id: t_cepCECSpRzkx6Eio6KvveLBF5J7S7a
age: 1601
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BmX4VZOd3l8%2BSugl%2FCJyw1Z0Vhngyrh4sAkdJshZVP0gBllHiuh9dI5rGV2hWbV35rAZTtOVdJ7a%2FKOmZp6CAMN642AyX1i3uipETppzJsrF7%2FxBbOG3ygosC%2BZZIk6oGq03rb8%2B7lQirOWyZH%2FWZeszr%2BcyVk5p"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 4HClv1Qw56HNcklDBTjpCkENXck5J3gToQ0KVhIRue2AQIgR2O9v1w==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: application/octet-stream
last-modified: Sat, 24 Apr 2021 08:25:02 GMT
x-amz-meta-sha256: 1b91ff924cfb0ab57b29660e3364ce37584754b6dd1f2218f90df02d0e5ae88c
priority: u=3,i
x-amz-id-2: vtcyYsgxQj0k6q6OQmiS5Vpb1+pFrx2xLMCV6uFATSpAIkIZC9DZqxoB9El8MqEtYl8OYWT64+c=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8587&min_rtt=6129&rtt_var=1743&sent=122&recv=68&lost=0&retrans=0&sent_bytes=117280&recv_bytes=14093&delivery_rate=525990&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=768&x=1", cfExtPri, cfHdrFlush;dur=5
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210424T082309Z
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-request-id: 215851XM4RW17CPX
cf-ray: 8ebf49399dcb9143-FRA
accept-ranges: bytes
content-length: 2458
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 chrome-64.png
hiewr.h85cndf2moxnwjz.com/common/browser/ 6 KB
7 KB 20ms
19ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/browser/chrome-64.png
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d07a00fc98b62b50fdcd4f7927e04aeaac0f70ae61eb1c9bd5731093ed41142a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "000cbf5e69cc5353bd87490cd7c725c7"
x-amz-version-id: 05WIAAMXclM8PGdzHvMENONB03UkxqMh
age: 538526
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mf6HmBLbA0CP3s%2BzYg39b7i%2FeRDDRgc3eAlLWbu0GyXGfg3EHd5JMW%2F96U002SkyEn1hmhg%2BIj17f34L8Cmv4yMX%2Brrus0tIPpAhSPhubZnUWLP2C0dQ0zIj4PlV2RIM%2FFIOesh%2BFWyi%2BAAB6Bn4dIdCYaUHtU%2Bb"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: SJhwGwRHKWi_0MjidJ367_ur2DuRm1RrUvu3st4Igd6bzu3ykIHQuQ==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:38:54 GMT
x-amz-meta-sha256: d07a00fc98b62b50fdcd4f7927e04aeaac0f70ae61eb1c9bd5731093ed41142a
priority: u=3,i
x-amz-id-2: RbPVAYW0CqFcSYK6Ia7LG/AADd7DHV149KcQaqOCoY8/Vh5t2YTIiLQlWUqgsucdIBdvsADM6XY=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8587&min_rtt=6129&rtt_var=1743&sent=93&recv=67&lost=0&retrans=0&sent_bytes=88529&recv_bytes=13729&delivery_rate=525990&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=764&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210205T105113Z
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-request-id: A8TEH4DY0DVBWMHT
cf-ray: 8ebf4939adcc9143-FRA
accept-ranges: bytes
content-length: 5724
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 firefox-64.png
hiewr.h85cndf2moxnwjz.com/common/browser/ 8 KB
9 KB 19ms
18ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/browser/firefox-64.png
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bab2e0a6e709b71b33dc3655dc027d3497676432c3a5f8005c7e014c0c16acba

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "3e471d14e76dac59ae2f55d258d79137"
x-amz-version-id: YHp4w5SWXFii2v.VL9HnanbDlfz.fWba
age: 322340
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2c6PZNSv%2FHvcTLuB%2BFd0M%2FDKRsHXA%2BNgWKzfbxq%2FWwX1nLqohOZKnGxEP38mB6zQpmzVO9nHnJJfVwcmvmmWMakBh6XWExxvyG6mkWVaTzKiQ1lBXE%2BI3%2Fs2Kuv0b3BDm3yzbSKJEtxfea37sZU29Kk153cGNVBK"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: l8e-f-UxKQkM7Ufz6e7g-JHLLQ3y0E8dZea47l9o6CYe6kGa9Mr-nw==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:38:54 GMT
x-amz-meta-sha256: bab2e0a6e709b71b33dc3655dc027d3497676432c3a5f8005c7e014c0c16acba
priority: u=3,i
x-amz-id-2: XqHuLODkpxPb9ZiI1gRZ6W+djSIygBEEWTXawIImnokkgHUtbdkLxVmYt1jlX6b7QEfXFLS4veOpqbsU1ljXbjEuQjFzwdc1Z8B+v73WU7k=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8587&min_rtt=6129&rtt_var=1743&sent=85&recv=67&lost=0&retrans=0&sent_bytes=79000&recv_bytes=13729&delivery_rate=525990&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=764&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210205T105345Z
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-request-id: DNP91314WDQFB8DJ
cf-ray: 8ebf4939adce9143-FRA
accept-ranges: bytes
content-length: 8202
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 safari-64.png
hiewr.h85cndf2moxnwjz.com/common/browser/ 2 KB
4 KB 22ms
21ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/browser/safari-64.png
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 94d41f98e2635acf4253b9c83f5b42ea6da94c164ab6b04c40bfe30b7fcb1b49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "e77ca12c09eadde9174c6c954542a415"
x-amz-version-id: dOnM9MT7jXen_fNM2L3rcabRV3XBkELG
age: 967
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OrAA97qepkb%2FKNjmLy3%2B%2BkI8ct8LIzPS%2ByOHwyTRilN%2BPoCSu7mY%2F1dHDxOmLgl3QXk07kg2aU4QfhBbEXAnnBS9pBCOjpJ3VoygszJMbucClvGSzvCdBAOOjCfQoFH3wnYV5LN4bXOyGkyvKwziz59wwTLtVTp3"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: OVUIr9ZC-qXaWk8p-VGZFy8R4bqVne0CCYbAL7Rro2dxBHRVs4TjyQ==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: image/png
last-modified: Mon, 15 Feb 2021 10:53:33 GMT
x-amz-meta-sha256: 94d41f98e2635acf4253b9c83f5b42ea6da94c164ab6b04c40bfe30b7fcb1b49
priority: u=3,i
x-amz-id-2: RtU+aIRDZB1EluIp8gSc9zKJ/6PL8FcnTP9yxja2OUUL/Rz8j1U8Bft/LOLtMcYPLbcBMG3wOvU=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8587&min_rtt=6129&rtt_var=1743&sent=99&recv=67&lost=0&retrans=0&sent_bytes=95504&recv_bytes=13729&delivery_rate=525990&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=765&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210215T105313Z
via: 1.1 701ed6d11cb535ec9687bbfbe3b14bc0.cloudfront.net (CloudFront)
x-amz-request-id: 7D2G9W98ARGS3VN8
cf-ray: 8ebf4939add19143-FRA
accept-ranges: bytes
content-length: 2547
x-amz-cf-pop: AMS1-P2
server: cloudflare

GET
H3 200 premier-league.webp
hiewr.h85cndf2moxnwjz.com/common/game.event/ 3 KB
4 KB 26ms
25ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.event/premier-league.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 749b0ca6b0318046e3344ae2e6441aa73b0732073bc6a12e83c5ced3adc77ad8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "b8945ed85d028ff51d61956e9d0a4a94"
x-amz-version-id: mnBOGcjS0VHJHp4_0g.knK_lsgl5BYdg
age: 17134
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dDxJY6UqwKt3krjcQYR%2FGf3a269ILxWo%2FxYStDv6J3BiErkHwEHZ1T0zzZiy%2BUHLReqQELE8UshJc5WASHPLoxskNYR7zFx5GNf0K309mNvisImxR6yPm7GR4NljmK93Z4XexWA6O%2BtQM3ZFkaVgZ2PKYnmlDXwY"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: uKN5Trll_eH5LRiIIUMv4ToSOHSj1rnqGMLAMUuyAp-b2xj6b63BjA==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:38:57 GMT
x-amz-meta-sha256: 749b0ca6b0318046e3344ae2e6441aa73b0732073bc6a12e83c5ced3adc77ad8
priority: u=3,i
x-amz-id-2: OmzlhOAhkAhnQ6ymKYTzHKPl22o5J0eZMbBu8IP3+vgs3YmluA3iWqlhEMQd6b/O1RW5AUIg0PY=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8587&min_rtt=6129&rtt_var=1743&sent=106&recv=67&lost=0&retrans=0&sent_bytes=102355&recv_bytes=13729&delivery_rate=525990&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=765&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210205T083403Z
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-amz-request-id: 3D66JZ864FW6111S
cf-ray: 8ebf4939add29143-FRA
accept-ranges: bytes
content-length: 2952
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 la-liga.webp
hiewr.h85cndf2moxnwjz.com/common/game.event/ 2 KB
3 KB 23ms
23ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.event/la-liga.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51058461d22f260c99bc5b6913d17dc3591f4fa22c82e70ed1320635b13c43c6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "d4c93ad7ad7f63f1c370296cb0921b3b"
x-amz-version-id: Z_ouP7CG4TiXZc7Iiz9mwUbHLq0vFdRg
age: 522323
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pWDoHh8LSp9%2Bef4pvEzRjdcDn0fBFBqmcj9x95S9UjNvYNWJKM%2BMW9w60prgUREL3ic0hbRFAKvBVNd2KKUvg9fWji4x3LRX6oOvTzDUDNb8teNsPg3ICqqQbyv6Vifli9hDdZ4h%2FVoXnYouu2GddIL80mcVqnlk"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: K8-tpzfYB42rtb1RLvpoyLPj0-98_jfyQFbqBxQlgzlGzYmXhtPudA==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:38:55 GMT
x-amz-meta-sha256: 51058461d22f260c99bc5b6913d17dc3591f4fa22c82e70ed1320635b13c43c6
priority: u=3,i
x-amz-id-2: D3RaZclzq75KR1W6t3XIiuXKca95/8XT7QbQoluXzYJuCgE6m+8ieiU8d3/8jMchpm2DsiXDyw0=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8587&min_rtt=6129&rtt_var=1743&sent=103&recv=67&lost=0&retrans=0&sent_bytes=99250&recv_bytes=13729&delivery_rate=525990&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=765&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210205T083403Z
via: 1.1 0c371064bf157d89e4b3520c0b29474c.cloudfront.net (CloudFront)
x-amz-request-id: 2382EEF8G3AQVNYD
cf-ray: 8ebf4939add49143-FRA
accept-ranges: bytes
content-length: 1930
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 bundes-league.webp
hiewr.h85cndf2moxnwjz.com/common/game.event/ 2 KB
3 KB 24ms
24ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.event/bundes-league.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ff0e1b2d22d179fb1138b0e5bf5487a2fe305ffa59adaa92f9329e0c49aac97

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "ecaa5081543218417982f1d400674852"
x-amz-version-id: S4ahXMmO2BxIFHvp_Y1aTMngZbFmsHuh
age: 33154
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xs%2FwLFaJOBBpshsLm8H7ONe2QSmRCXVb%2FRj32EVek8WugEQvvq4lplzWZ24VUCE9FVBcfe87rG9QN4hXqbGw30O3AKoakQ7ZkQvkqCCxnz667UsO0gXeF0djQ%2BTPATw3BGpO%2BrIzrH9QWC8zXOAhj3AenEzu2okM"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 71GGazFuvfOB4i9Wjq2v9s79cO3X1ixQO5uxscEqZlT8c3DT5y9hYQ==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:38:55 GMT
x-amz-meta-sha256: 8ff0e1b2d22d179fb1138b0e5bf5487a2fe305ffa59adaa92f9329e0c49aac97
priority: u=3,i
x-amz-id-2: PFmtJKFV4beh3fH0IoE6hALM93CmTpxLI+9cNpy0nvWsABqAMLUSXXIPrJBguEKOrgu6ZNG3CgC3cEKOxofvKAkht6W5hbnY3grT8HoptqQ=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8587&min_rtt=6129&rtt_var=1743&sent=106&recv=67&lost=0&retrans=0&sent_bytes=102355&recv_bytes=13729&delivery_rate=525990&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=765&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210205T103945Z
via: 1.1 c8710a117c1dfdaea4e9dfc4d41970d2.cloudfront.net (CloudFront)
x-amz-request-id: JF7W6RVG7XBK9997
cf-ray: 8ebf4939add59143-FRA
accept-ranges: bytes
content-length: 1610
x-amz-cf-pop: VIE50-C2
server: cloudflare

GET
H3 200 serie-a.webp
hiewr.h85cndf2moxnwjz.com/common/game.event/ 3 KB
4 KB 25ms
25ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.event/serie-a.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e399477309fcac20ca13c14b64b21d75afcd840d9ae33134cc939eaa799515e0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "9e810beaf865d49baafc2746ac614b22"
x-amz-version-id: .WKma.XBBbjn3s5Zd2lPTFoG5afXy81e
age: 577963
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lPUGAG0Kv9lbJim%2B8ZmFH5XeQpUeyNTBZZ2JXUiN%2BzKf1lWXC9voWyzT5RIsUUgsfwJB67dbjidzkLQEJkSXYPv1MjM4zl8llWSVnEnO0lAQtJSvPnImD5soRGSnaGLZFOdRhtUSgldLZQ8%2BPA6OsMi19c7bliKU"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 8JFmRDD471qdj6YbtidTlux14Hd0yunahRZ1aQi_hodTktnlyPw1Ag==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:38:58 GMT
x-amz-meta-sha256: e399477309fcac20ca13c14b64b21d75afcd840d9ae33134cc939eaa799515e0
priority: u=3,i
x-amz-id-2: S2YnqhEbvbn/F3rYYjrtaxHexXXA8XknFNUNLnSime4SdiA3YglJHSj3Net2EfZvbIVCLDqTDT8=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8587&min_rtt=6129&rtt_var=1743&sent=117&recv=67&lost=0&retrans=0&sent_bytes=113016&recv_bytes=13729&delivery_rate=525990&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=766&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210205T083403Z
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
x-amz-request-id: KXJHV8DBA129PSAC
cf-ray: 8ebf4939add69143-FRA
accept-ranges: bytes
content-length: 3038
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 ligue-1.webp
hiewr.h85cndf2moxnwjz.com/common/game.event/ 2 KB
4 KB 25ms
24ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.event/ligue-1.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d55141a381fb3c6a5225409782561a0d3f77de214b0cbc7ddf6023224a06bfe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "a83f5e4f64eb3a0000a0b69597c7bad7"
x-amz-version-id: eS8WbTOuf27Oc7pyKrszhfkZziIcHP3p
age: 12664
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Rj7XOUuZtUHxgqu1ASq27iBClLsKsWsl4I94xXaLwirKA8g5UJrUgpLXsM39TL0QtF2OoLonF%2FaZuJuELDaGQaD55DW10u17dxXhg0lzgBEbRs7gK5ov%2Fl3xmeiexyyUagM9sKGk4SxNnU24zHxJQ8VEOuBqrp9w"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 6XoVy7vA8ON9Uzz7yDZS3BFxtgT_a7S3IFWarJwpvtNAPqgEDhSLAA==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:38:56 GMT
x-amz-meta-sha256: 4d55141a381fb3c6a5225409782561a0d3f77de214b0cbc7ddf6023224a06bfe
priority: u=3,i
x-amz-id-2: JJ1ziE3THbGJ6b9EYBk6R//kCUDNIcrME4yiVN/+n0xtvLMS2MqKW5nMI5RWtOdvwVBAxZt0+OQWC2lCZ0zxf6Vd3APGc1MVao3jqdGVdYc=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8587&min_rtt=6129&rtt_var=1743&sent=106&recv=67&lost=0&retrans=0&sent_bytes=102355&recv_bytes=13729&delivery_rate=525990&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=765&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210205T083403Z
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-request-id: R61WYEYKQV2RBAWR
cf-ray: 8ebf4939add79143-FRA
accept-ranges: bytes
content-length: 2464
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 nba.webp
hiewr.h85cndf2moxnwjz.com/common/game.event/ 3 KB
4 KB 29ms
28ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.event/nba.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 32bfff58cb190636b8353c5b7261385117157069def7cf28fb10f9e676f1515d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "6b5b55906f8e61dc9d29e94b8fc9c258"
x-amz-version-id: cTAntf6Vpyarb0iAberINuKNrKYSVkCm
age: 582359
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1gbrE16PjXQXx%2Ffj58u7cqpN4L3pNH0s0o9jmxy1fW3YEOWe0x%2Fn97rqObbPteVptA55T65lsYOkkvmj4UHznVrw%2FgAHIWAkARcXCcKusXGKCYKckShphG%2FvjDnaa7e5ai%2B2OkhMANcm1yNTYsla12vrNGr6DiQL"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: lwE6bqsGyHeceXhU0C0VNnBhyQfEYfOpZWjaXZxErFFw7r4o6YIUgQ==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:38:57 GMT
x-amz-meta-sha256: 32bfff58cb190636b8353c5b7261385117157069def7cf28fb10f9e676f1515d
priority: u=3,i
x-amz-id-2: sdpwNJpgySMcI8Tkk+0gfia95YAC9B3dHcYCQtXE8VjgCNOqMcPvKtkejIawTKR6V8Sn5f6sg1gXgi0vmUQH2xK0tKy8vPjOsUHBbWwAcQw=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8587&min_rtt=6129&rtt_var=1743&sent=121&recv=67&lost=0&retrans=0&sent_bytes=117256&recv_bytes=13729&delivery_rate=525990&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=767&x=1", cfExtPri, cfHdrFlush;dur=6
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210205T083805Z
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-request-id: TJZSC038RM8AYNBV
cf-ray: 8ebf4939add89143-FRA
accept-ranges: bytes
content-length: 2986
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 master-league.webp
hiewr.h85cndf2moxnwjz.com/common/game.event/ 2 KB
3 KB 29ms
29ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.event/master-league.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c46b7f23e9186df2666b1982fe1f7243ca263970ef55cfb5beb6a49a015316e3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "94b2caec90477e7763ab72b7217b6676"
x-amz-version-id: hmSabZ4q4HUwnXxX8FAnSedI_xXm81J6
age: 334248
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4dE59rPUEDaPSDas74BwE4%2BbzWyzuqAXhLj495MdTQb5%2BQQQC4XR%2BvYY0QH6iuZ51ingd9O8nLTng9Zy8C8aeYOrjmUxQQDBK3C6m3de%2FXPmVQfohRFRewEE974MM%2FCQhvcAAAHcS3aZACabeVBE1rbH2QHuUylX"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: oOZ3MmQNrmqa7329zrSeF5-_jMugSryif7cXbqkMoL5eX2V1FrzFog==
date: Tue, 03 Dec 2024 00:02:06 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:38:56 GMT
x-amz-meta-sha256: c46b7f23e9186df2666b1982fe1f7243ca263970ef55cfb5beb6a49a015316e3
priority: u=3,i
x-amz-id-2: 7FN6OGb8JcQD6L36u4/GeVhMAGZWmMMKXmQ8D3o717GmLNbd2v51uQba9DSlvbof2c5Prq1cgvg=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8587&min_rtt=6129&rtt_var=1743&sent=122&recv=68&lost=0&retrans=0&sent_bytes=117280&recv_bytes=14093&delivery_rate=525990&cwnd=38400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=768&x=1", cfExtPri, cfHdrFlush;dur=5
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210205T083403Z
via: 1.1 43b9d5592d1dc6a44adc7ebaaf183280.cloudfront.net (CloudFront)
x-amz-request-id: VYB2VKC68FY0S2KC
cf-ray: 8ebf4939add99143-FRA
accept-ranges: bytes
content-length: 2016
x-amz-cf-pop: FRA56-P9
server: cloudflare

GET
H3 200 AG-w64.webp
hiewr.h85cndf2moxnwjz.com/common/templates/tmplt04/01012/ 80 B
1 KB 21ms
20ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/templates/tmplt04/01012/AG-w64.webp
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a6f815b845b3e9582c26fae94d6d272e977ecca4b38d08713a88264380e84df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "57661f07e04350a04d1d9a9645014fe5"
x-amz-version-id: 0aK9lKGYoKRoiHSgxL_Z6Z85Reduei0o
age: 7179
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aAxKnyrzbWLzD1kSFmyXTTHD8JOA4pcyAVq%2BPTQdolAo5rbFlJjbg%2B%2BNU3jtzZVP4Mzle4JKzkFFUSwgfWltS0KErkBvIpbBHLaMRhTQWuYd5xRLeglmo9e68IHfu7tN4dNAg5E%2BjwvTa%2FP9cbJMNMFOVT0LG%2Bct"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 1iD5abtL4ppTZXT-hMSNYblY-sUOfe7xsmM3rCyJMWyGMmM592iUHg==
date: Tue, 03 Dec 2024 00:02:07 GMT
content-type: application/octet-stream
last-modified: Sat, 12 Jun 2021 08:50:56 GMT
x-amz-meta-sha256: 8a6f815b845b3e9582c26fae94d6d272e977ecca4b38d08713a88264380e84df
priority: u=3,i
x-amz-id-2: RXyMDyrYfhJ3u8aTpyqB/LIVRxOmTpnM5eiOGH4K1QetRC8HMCd0okFI9OqamuhW7LwhqvpBzMA=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10852&min_rtt=6129&rtt_var=2463&sent=134&recv=79&lost=0&retrans=0&sent_bytes=128399&recv_bytes=14577&delivery_rate=1948195&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=778&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210612T084723Z
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-request-id: T407XZEJHD0PPDBN
cf-ray: 8ebf4939bde09143-FRA
accept-ranges: bytes
content-length: 80
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 favicon.ico
ori-win.xyz/ 4 KB
4 KB 386ms
386ms Other
image/x-icon 2606:4700:3034::ac43:8940
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ori-win.xyz/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::ac43:8940 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37dde6594148d8f14366fc3320a27fc54b2e50785e5a289527b639c7112adbf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

strict-transport-security: max-age=2592000
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: REVALIDATED
etag: W/"1d825691f0a7b3e"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DmcvexgdSipy%2Bhmei27Tl9VszR1Fcf%2B9hxiDjLiT0x6Av3tsxlxSb9WTt%2B036lOm%2BhzGTcAKJLBGGtTdq1r8Dz0eeoON4lEvTmBD6AvuB%2FCN%2BGYe9PP78m8Td0tdmB%2Bz4Izk7nqti232Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8ebf493a3a7cd3bc-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6850&min_rtt=5992&rtt_var=791&sent=958&recv=219&lost=10&retrans=10&sent_bytes=1020142&recv_bytes=38500&delivery_rate=22140095&cwnd=151350&unsent_bytes=0&cid=79e83cb05850ba1f&ts=1731&x=1", cfHdrFlush;dur=0
date: Tue, 03 Dec 2024 00:02:07 GMT
content-type: image/x-icon
last-modified: Sat, 19 Feb 2022 08:17:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 XL.webp
hiewr.h85cndf2moxnwjz.com/common/payment/ 686 B
2 KB 17ms
16ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/payment/XL.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 588a427fef176556f36f4ec84ce3dec509be1276c6c0b3085ab39a4c32d75745

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "93aa1000be7255db2c3ac50c381103e0"
x-amz-version-id: e6rrfTzdWA44YgorgS_hUSA6Rl55v2Zg
age: 3050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xrd7xVXV4zPVV8xYw6rUzdAn%2FgA38fVKJmwO8dTfcMFw8OgqsSIkRir%2BVdT1eCNXNxetQMC2N9JD28K%2Bd2rSYxmkNIXnAhiZgbEab5g0TmYzr2ekbdHiW9d6CvL8gPm7C1%2F2Rir3TBd54LCGtzdP7ZIHJQovNaFX"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: eFR-nbe_R0cc2r75FATe1yEqUbHVBKG-sG51cHWPWHK7YVH5dwSQEA==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 10 May 2022 12:41:54 GMT
x-amz-meta-sha256: 588a427fef176556f36f4ec84ce3dec509be1276c6c0b3085ab39a4c32d75745
priority: u=3,i
x-amz-id-2: ZbZLoBXAJsXryKv+xtO2QrubQJQYlFD81od4lbTKjQPZ1bYT7j1TFmnt+bLGJHrO75XXgZ88AFI=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10315&min_rtt=6129&rtt_var=3029&sent=137&recv=92&lost=0&retrans=0&sent_bytes=129674&recv_bytes=18229&delivery_rate=788297&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=1835&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20220510T083004Z
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-amz-request-id: YNKBSBYQTG0NVJN5
cf-ray: 8ebf494059a89143-FRA
accept-ranges: bytes
content-length: 686
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 QRIS.webp
hiewr.h85cndf2moxnwjz.com/common/payment/ 822 B
2 KB 21ms
20ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/payment/QRIS.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa9c1749676dd3fc6fea658ab0e94c443c5b98802238077cefba540d9818cc2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "f7f6aa39df1c0bf4c2cc235e94bd112a"
x-amz-version-id: VjFHjSTxR.903AreY788x6TdyxUwLBPd
age: 928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3mHksc%2BG7JJVQLQN0xewOQGy7kLZg%2FNf66T06KTypdes0Hs9BThOwe%2B7FwIHLA61V%2FAVgCxbjN%2Fp3dSPevcqeDWgKm2YRAdhOU2woMYhyRiFAciUKsaxMWZ%2BeVoU89xCQL7U4YxM5lJOKW56MB0YkzOh%2BfHweCAI"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: GIHCrcZVS276XV_KBaggMan1XfjQnnC8L98YT1Xoo6heQ9Dqp3inBg==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 10 May 2022 12:41:53 GMT
x-amz-meta-sha256: 3aa9c1749676dd3fc6fea658ab0e94c443c5b98802238077cefba540d9818cc2
priority: u=3,i
x-amz-id-2: mpSlGlz2nVO7xUKqXd7SBT5+zNOFKgLRCEOzR2d8VPDTcvKbdYFAovYQIfD+49Gk/WNHo3qXMpg=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10315&min_rtt=6129&rtt_var=3029&sent=139&recv=92&lost=0&retrans=0&sent_bytes=131530&recv_bytes=18229&delivery_rate=788297&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=1835&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20220504T024046Z
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
x-amz-request-id: 917YJ0AQS53VJDQ7
cf-ray: 8ebf494059a99143-FRA
accept-ranges: bytes
content-length: 822
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 DANA.webp
hiewr.h85cndf2moxnwjz.com/common/payment/ 1 KB
3 KB 19ms
18ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/payment/DANA.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 015b1def988ad795f7eecbe66e1a909b2f66a0817f6888e165bdc46220b5df64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "8a1644b9685bd51df6bf3e1edb772b8c"
x-amz-version-id: AQKibZczSe6pTDOB0DdHtDNf54ZUjgBS
age: 928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gHgGFuPIAfEWeRmbcsMfbWpr14LrspyYvtkfyWgS1JwtZ%2Fm7IiOFA4WlNrOy%2BV5L48JHwgyOalPlQB%2B%2Fg7hG%2FOGH9swaJUyE1m2RL%2BN2IKiISwndTlklFgBAt7NAC8iTbLucvaog5TteVuxnNXLkYlo%2BtIaP4VPH"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: XYUr9xGduilBL228PyM16lklp0-YImI3jvIm9d7mU2hI_Grk-X_Rqg==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 10 May 2022 12:41:51 GMT
x-amz-meta-sha256: 015b1def988ad795f7eecbe66e1a909b2f66a0817f6888e165bdc46220b5df64
priority: u=3,i
x-amz-id-2: nXKr+cpUO69wouXdU1rxCEHrdViwYruYndfIwu+jTFtnZbDIVNII1OW0RHLDBAcy/FeG6AqGfME=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10315&min_rtt=6129&rtt_var=3029&sent=144&recv=92&lost=0&retrans=0&sent_bytes=137123&recv_bytes=18229&delivery_rate=788297&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=1836&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20220505T004612Z
via: 1.1 78280b924a7a9f0f018abcebd8ad82d0.cloudfront.net (CloudFront)
x-amz-request-id: R61KKFNAB5VR41HW
cf-ray: 8ebf494059aa9143-FRA
accept-ranges: bytes
content-length: 1454
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 GOPAY.webp
hiewr.h85cndf2moxnwjz.com/common/payment/ 1 KB
2 KB 18ms
17ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/payment/GOPAY.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1d158e7fe1d2ebdb55465b7f79da5389ff761406b7601a64e623ee99424bfd4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "280859bbc4843471b1ff7c9b0c2ae1a2"
x-amz-version-id: BxCDUxpfNC7Xx99AljoJL5lT.qIopjd8
age: 3050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Vufud1YVQ5opq64kOLDcgmaYMS3frLIX%2BXfKNUn4dRlCWPSYXAldOAnTFhzQ36oolPUK%2BnTGHBnexsIDLUjHky7VXz4xBBkhrdT2SKCVUduF7q8TauYqiflCmWiWKpxUecR5mwny3%2Br3zjYGptW23U3L4j830AHf"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: YgT6OnB2qVeTmXvIMCMMVo7I6sBgtH4rvAwBM8q5vBs3fb544QI9Zg==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 10 May 2022 12:41:51 GMT
x-amz-meta-sha256: e1d158e7fe1d2ebdb55465b7f79da5389ff761406b7601a64e623ee99424bfd4
priority: u=3,i
x-amz-id-2: VAgtGw7l+vQTGMz/YYJk8e+zx6RmteU/PwY8FCjLTZX505KIaIJRhla7Ed/G4F3ptF5SVwd78Up1gG3pbhofSNU/guTeqbwJXpe4GEaFVZo=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10315&min_rtt=6129&rtt_var=3029&sent=139&recv=92&lost=0&retrans=0&sent_bytes=131530&recv_bytes=18229&delivery_rate=788297&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=1835&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20220504T024004Z
via: 1.1 77517a7f5d9094d359ba5186c3bda1e6.cloudfront.net (CloudFront)
x-amz-request-id: QD6MY5X4WKG5HY4C
cf-ray: 8ebf494059ab9143-FRA
accept-ranges: bytes
content-length: 1262
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 OVO.webp
hiewr.h85cndf2moxnwjz.com/common/payment/ 2 KB
3 KB 18ms
18ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/payment/OVO.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 123dba3cb2c7d68a6bc6d500fe9e35c1319164879d5f8c133ac42d66996b0a3c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "f72c4f3764334d92775cbb7449fa229d"
x-amz-version-id: hQeZ6T0YD1U4oCF1V61cfvaYLDK6L8vK
age: 3050
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FyFs8qHAk3JwzGMuDjUgGQpgvZdY8Wau87gDWe5i4dz8br%2BET9xqNGRPA0nn0bx5%2BKhrJ9zZ8KVggFehTD4sbVLCcn%2FiO77Nl3FV6FFph14Dm%2FEQL9tv%2BRZsXeLvdQc73h7%2BNoT9ukR7sGX%2FePoHeZ3JSb7UTcOl"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: dVNlbX2wBPhvvcajyq9KXZ5skNBWw0wjMvnUe8Dh8_tq7eyuqFZY1w==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Wed, 11 May 2022 03:22:37 GMT
x-amz-meta-sha256: 123dba3cb2c7d68a6bc6d500fe9e35c1319164879d5f8c133ac42d66996b0a3c
priority: u=3,i
x-amz-id-2: cY2ySxS80a80p9C6bI/JyuYU0QPxnSB62ULg0XN8j0CzdytYV22WBTUALeaUhr2FxEC0wtcSc1A=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10315&min_rtt=6129&rtt_var=3029&sent=139&recv=92&lost=0&retrans=0&sent_bytes=131530&recv_bytes=18229&delivery_rate=788297&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=1835&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20220511T032326Z
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-request-id: P8JNAY5ZZYNBQ3EN
cf-ray: 8ebf494059ac9143-FRA
accept-ranges: bytes
content-length: 1624
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 LINKAJA.webp
hiewr.h85cndf2moxnwjz.com/common/payment/ 1 KB
3 KB 20ms
20ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/payment/LINKAJA.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 462fc9b25635deecc13e8fe284850026e76270caaf4d286a1a29e66a39c64bbe

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "9b9fbc3f6ad295951a038a1021e2cb4c"
x-amz-version-id: zcGVLW.w_X8O09A9iTaqi0KBFoi7E2P1
age: 3049
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AFQ2xvmnaaJID635lNbWjrOO29vtUPVmp%2B68IrQR9OtqBLEJEsqcv8By4e%2FpZyjw9kA%2B1acADZTUvoVnrxTS5DWM16BEf2mjvYqoJMfgCJ4beV5%2BhgRs2lVCwZ7O1McJxHQGYvQ9RCSTwW1TcnOe4cPLilDiHZUm"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: N3Gdni-8GnfDJgDLc41I3Qh6Grkzuqhrsscw5s5YAz0RJetFNZ9t9Q==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Wed, 11 May 2022 03:32:22 GMT
x-amz-meta-sha256: 462fc9b25635deecc13e8fe284850026e76270caaf4d286a1a29e66a39c64bbe
priority: u=3,i
x-amz-id-2: 9w2jNY2B6HAVZ7qwQWAmKC3fve8G8RwBjdIOm/RY8qvt0jK1WcqDiHuBIrrLIsuyeAB7dr090RI=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10315&min_rtt=6129&rtt_var=3029&sent=155&recv=92&lost=0&retrans=0&sent_bytes=146344&recv_bytes=18229&delivery_rate=788297&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=1836&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20220511T033301Z
via: 1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
x-amz-request-id: R61HJP0YK5P02R3M
cf-ray: 8ebf494059ad9143-FRA
accept-ranges: bytes
content-length: 1526
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 BCA.webp
hiewr.h85cndf2moxnwjz.com/common/payment/ 2 KB
3 KB 23ms
22ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/payment/BCA.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12145ab6d92c0778983fd48834703989800638f955da5a4585e8676e5e54c95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "572f8c2f68cdb88c1982a26646c19aaf"
x-amz-version-id: qn_.C15AJ0ASPCTnOoYioYBmP6WULyPb
age: 1470
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VW45SiQbfyM10YA46VlLO2hclCxoFQeo4XTQtlKWaR5fjujyvPxGsKSTiZC8md%2FHDDXtUaOJVHdtdcOgH%2FA1Sp0kD%2BTVtMRYfeutylxcSG0QdvwaMkh4ImQqQUioqlpZTbeLTa0g2Qq7rr7h27d7Sb%2FH9Goa4VIM"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: lwUhq9PUqAvVY313q7i62Z0nF0Vm3Rkv1vJo_XQR_y6aHsydCh1TOQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 10 May 2022 12:41:43 GMT
x-amz-meta-sha256: d12145ab6d92c0778983fd48834703989800638f955da5a4585e8676e5e54c95
priority: u=3,i
x-amz-id-2: qVmfWXTCcCyYh26W5FvAAcf9cuodCnhR5UjXgT9JzAxImC0+liEywkIbf+7BDHcFE/+JJL5ooT8=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10315&min_rtt=6129&rtt_var=3029&sent=162&recv=92&lost=0&retrans=0&sent_bytes=152921&recv_bytes=18229&delivery_rate=788297&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=1838&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20220505T002959Z
via: 1.1 544049d1dc4d534822b40b9f9c7529da.cloudfront.net (CloudFront)
x-amz-request-id: ZZVQEZP528TATM51
cf-ray: 8ebf494059ae9143-FRA
accept-ranges: bytes
content-length: 1840
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 BNI.webp
hiewr.h85cndf2moxnwjz.com/common/payment/ 1 KB
2 KB 23ms
23ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/payment/BNI.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b1d3df30ca74769cc4e3178fb5ad8b702361f218ea81dd1492c244a31d3ad18

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "4c55ac52fad0e88432c34e1407d818a6"
x-amz-version-id: 9e.P01s5RZ1OADALl.JxDRCIzLHuOjVx
age: 928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zGUgrV0cqG9%2Fl0dQhDUphYxe0jiO60OOCfstnCr0PkDwao%2FbGSErOjSFAxsVnJhbQ461Q33bIU7adaCcsTmHSK3s2oeI3TbRdrRLrGOr%2BqMyidMUQ7O2bvZSbvC%2BiyMi%2F6VY0QJGCpGZEchilhYtnMMI2LqBtFZC"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 5Atq7me75dQ9J9EMUSSJIB5l0oDpwa6p4N2grMJqXBtywXsd8ex3Aw==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 10 May 2022 12:41:51 GMT
x-amz-meta-sha256: 5b1d3df30ca74769cc4e3178fb5ad8b702361f218ea81dd1492c244a31d3ad18
priority: u=3,i
x-amz-id-2: m+bO9HjHTDQSk0Kg4++eKelUELOUw7UF+Hr1Gh5mx2TLfmCJAtIMGK35pKgEWWpA/FTlfNdhBnw=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10315&min_rtt=6129&rtt_var=3029&sent=165&recv=92&lost=0&retrans=0&sent_bytes=155953&recv_bytes=18229&delivery_rate=788297&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=1840&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20220505T004008Z
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-request-id: 1ZKZRXZGTXXR1YHG
cf-ray: 8ebf494059af9143-FRA
accept-ranges: bytes
content-length: 1432
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 BRI.webp
hiewr.h85cndf2moxnwjz.com/common/payment/ 4 KB
5 KB 19ms
19ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/payment/BRI.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ef80c471adeeb08dd54fba1693450c80f6fad9012c5005c5fcbe44f376c8631

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "bd6611887c2e7d453598f30ddf5900ee"
x-amz-version-id: 4jL5kmimqXGmy0bJYYbz7ODCiMR7NPC6
age: 928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z0pDWHjFoQHc2%2F%2B4Jyfku8fzeWTcmzbD96SKWw%2Fe9%2Fst8D2YW4Lq7pnf7LTPCgHKQK1vIfE4vsTjza4ACwWK1GiUSCXUF2vs6W0%2BxNQyFfKNQPCyLvYrf9%2B8mkeZ%2Fc71lzGo%2BJIxaEd4fUl59ATsUZA4GbgN50j%2F"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 28smvzgpCtpZG3ah-F-prJBrnJE3FjPD9YD8DGSfToSEorUl4q5whQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 10 May 2022 12:41:51 GMT
x-amz-meta-sha256: 6ef80c471adeeb08dd54fba1693450c80f6fad9012c5005c5fcbe44f376c8631
priority: u=3,i
x-amz-id-2: Z9G+jts2yHbLirn30vBhbEpqDeiP/tQWKhOMJJdo+33raE7U+lxlRjCNZ9u3zIaLefY022dqRes=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10315&min_rtt=6129&rtt_var=3029&sent=150&recv=92&lost=0&retrans=0&sent_bytes=141473&recv_bytes=18229&delivery_rate=788297&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=1836&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20220505T003021Z
via: 1.1 bf1322673c76eb0dbc1cb8544c47f1e2.cloudfront.net (CloudFront)
x-amz-request-id: YNKFMEXYYA06XH1X
cf-ray: 8ebf494059b09143-FRA
accept-ranges: bytes
content-length: 3622
x-amz-cf-pop: AMS1-P2
server: cloudflare

GET
H3 200 Mandiri.webp
hiewr.h85cndf2moxnwjz.com/common/payment/ 3 KB
4 KB 22ms
21ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/payment/Mandiri.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91fccc17e280698c2ec6a8333f13ca0bef469b716a70824b631c1cf0a3c4f05b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "d43486ebdfb9e2f4eb90a5e69ef32fe1"
x-amz-version-id: Vb7m5B0UNFdWBkruvYvtLal1gRVgaIdj
age: 928
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T%2B9GPGcLG%2FW6OFPfFKyJ1GkspNE%2Bb5w4B3l7rgfcEjAkT5f6sbRealiDo75%2BOf7O79zTBCmvf9Ycjlog9mobdInKOkJ8cQ5gdHZzXxufn9n46hE%2BVhDR4yyn1mTm8WwGo5iCZhzvT%2Bk8ASqcezYFsl3sqnnYh4OY"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: VjTLA_Hz4m0_L7MAsu7IaMpwdInEOJGJPCzqlEtcQF44M-M6vo-TXA==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 10 May 2022 12:41:52 GMT
x-amz-meta-sha256: 91fccc17e280698c2ec6a8333f13ca0bef469b716a70824b631c1cf0a3c4f05b
priority: u=3,i
x-amz-id-2: 3cmA89mXLRygrfcx6/iDtVP35RLQ3LisboIMbN+FJj/+HypfvbevV2EiSP0vXFzdczs3pazszeYSzCNI1JlDyEPziVlY0kRrWaBe51YdVR0=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=10315&min_rtt=6129&rtt_var=3029&sent=158&recv=92&lost=0&retrans=0&sent_bytes=149058&recv_bytes=18229&delivery_rate=788297&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=1838&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20220505T003105Z
via: 1.1 3bdef981159de9c713020c64476ba0e4.cloudfront.net (CloudFront)
x-amz-request-id: 1ZKJXYWEWCRB71YG
cf-ray: 8ebf494059b19143-FRA
accept-ranges: bytes
content-length: 2618
x-amz-cf-pop: AMS1-P2
server: cloudflare

GET
H2 200 tracking.js Show response
cdn.livechatinc.com/ 86 KB
29 KB 33ms
7ms Script
application/javascript 2.16.1.171
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.livechatinc.com/tracking.js
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/scenes-Deposit-Deposit.cdd8b714.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-1-171.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 0f12a5877e88f3815862421497a5195fb45bf6bbc9d52dada608b33c69d08975

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-encoding: br
x-amz-version-id: M3uhKPlnGgpJRawQsI9WcmPHZEwH0DUO
etag: W/"798a74b7b2f255b2c30595aa88f0e8c2"
expires: Tue, 03 Dec 2024 08:02:08 GMT
x-amz-cf-id: OOwFdSV9H72wkPF3UrluTp98VM92hgejWHoLe8Uj-reDXTlTHzZhIg==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/javascript; charset=utf-8
last-modified: Thu, 28 Nov 2024 14:15:23 GMT
vary: accept-encoding
cache-control: max-age=28800
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
content-length: 29646
x-amz-cf-pop: FRA2-C1
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H3 200 247support.webp
hiewr.h85cndf2moxnwjz.com/common/messaging/ 2 KB
3 KB 17ms
16ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/messaging/247support.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe24a61cd8f2584e547eb2420236b118a0cb38e514448b21de197a5006ddeda

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "3d0ee9dff39bb56465c444843b761427"
x-amz-version-id: a.ilkjKnPiTnlc87wbD5uoFoRzZ1r3OC
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xncxZYPUWKHyroMql72KUZUqgcybH0EL9B5dJdgYLDFOiC%2Bbbk5TrlGEw8dSB0DTQQNZ21XaD3iNucbU%2FrcXVbr4Echz%2FFbWiKATW1HTlCtMSH6BSVi5OcKLft%2FtaK%2BUesmU11HL1LUDMHAAREAF7BkhdBd7w5JJ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: wkSlskHxykDFE0GVamYA0ghj-BeBHN7fvPdD-_X8h1lDMmjA_tPY3A==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:58:39 GMT
x-amz-meta-sha256: dbe24a61cd8f2584e547eb2420236b118a0cb38e514448b21de197a5006ddeda
priority: u=3,i
x-amz-id-2: 56zmvvOENBLtVtGSdFtDnhKMWGoCGvTdd7QO6FSsgVZHLdRhnnxuZzlZFeJqzeHV9AlNfgQwY/cbV0wQ4ZrPg+DI9H9DOvMluT3Zvgiytvw=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=9020&min_rtt=6129&rtt_var=2135&sent=173&recv=103&lost=0&retrans=0&sent_bytes=161404&recv_bytes=20589&delivery_rate=2746&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2049&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210204T071840Z
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-request-id: 05HH7M6T3AMGTK3P
cf-ray: 8ebf4941aa4a9143-FRA
accept-ranges: bytes
content-length: 1566
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 WHATSAPP.webp
hiewr.h85cndf2moxnwjz.com/common/messaging/ 2 KB
3 KB 15ms
15ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/messaging/WHATSAPP.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d592e98948c6984ebfb3cee9c4050e9077db8dbd7caabf9e24f2f82c0ddcfb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "773b4344d016ee8dc7f8bee93dac5397"
x-amz-version-id: zqpR_mzY3rf6Ekr3jz4otWt471i2wPoG
age: 1598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kkJKvdzN1Y4gZP7SxuuM5pl1KEoaiw0FXDhEgn41E9T0WXIQzVQnHXIWYiGKGIcyoXM4NZrsH1qBsJxxuU%2B%2BoK1%2BA048iThoPyNHPfUvnsm%2FETvZNQBvvkXjxa6R5mnTYmA6EF6l2UDm3oYFxq8%2BxMwOgBFti88C"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: wvVHZld0oBjMQWbnFHIdtPBUogUturTQys9CFaT5Etmv2ruJcEKWlA==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Mon, 01 Mar 2021 09:56:22 GMT
x-amz-meta-sha256: 8d592e98948c6984ebfb3cee9c4050e9077db8dbd7caabf9e24f2f82c0ddcfb7
priority: u=3,i
x-amz-id-2: jqgxEOi3uqX7you6uVnivc56n/BU/phrPmf7JSc6ovS6H5+yRr4jlmx+RTppj4vS5JhIS5iL8VA=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=9020&min_rtt=6129&rtt_var=2135&sent=170&recv=103&lost=0&retrans=0&sent_bytes=158627&recv_bytes=20589&delivery_rate=2746&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2048&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210222T092820Z
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-request-id: 5QWTK57PV1BAH9BA
cf-ray: 8ebf4941aa4c9143-FRA
accept-ranges: bytes
content-length: 1584
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 TELEGRAM.webp
hiewr.h85cndf2moxnwjz.com/common/messaging/ 1 KB
2 KB 18ms
17ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/messaging/TELEGRAM.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f803e41ecf56b105df265b998600474236ac5042767c3f9df1723e089c11c64

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "d8137e21e3d7088fb3238c39f3b14e79"
x-amz-version-id: BnIikcdsm6VQ1H.lRwsRI6If6ca4mh0i
age: 5105
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P%2B3C0%2BZ6JFH4pqf56UEomgnlMMaWFF%2BGNGOBqAq3otY0OFiDgZK2E3KrRMIu0RuwHykksKM59gHNXGgbgIVpwC8xFgr0TuiouGzrIAm8sPV4TVbETAZFu8%2Bbvqma5p131jnBntAlQJv4IZsQgVh3lilsZU%2BEYQrD"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: _Q7_-DaLH78Qb7LS6T6gRLljC-5P0dxK8qi-BPYC7TUm7o0eeNC1vg==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 09 Nov 2021 11:29:45 GMT
x-amz-meta-sha256: 7f803e41ecf56b105df265b998600474236ac5042767c3f9df1723e089c11c64
priority: u=3,i
x-amz-id-2: AYC/RKmOMIKbWY5lDSLF4aDt5BifvHLNRfJpjy7y/KtSPmm8BtEtflZG+fOn3JOsj7ChHU+BxCU=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=9020&min_rtt=6129&rtt_var=2135&sent=176&recv=103&lost=0&retrans=0&sent_bytes=164172&recv_bytes=20589&delivery_rate=2746&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2049&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20211109T112844Z
via: 1.1 60fbd37e02af93daf30940afee9b7698.cloudfront.net (CloudFront)
x-amz-request-id: 05HTV1WG0TR1YM0Q
cf-ray: 8ebf4941aa4d9143-FRA
accept-ranges: bytes
content-length: 1104
x-amz-cf-pop: MXP53-P2
server: cloudflare

GET
H3 200 URL.webp
hiewr.h85cndf2moxnwjz.com/common/messaging/ 2 KB
3 KB 28ms
27ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/messaging/URL.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b8713d7f9dba4b3cbafaaab55ba11e28312187ad4ede6941decec31e2e80275

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "f4e1bee943bb9f47e174cb71bf5a1d4e"
x-amz-version-id: Bf2_8zo95P.w7rByWWcG.T_3mwUSlxHb
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iB%2FDgHyiipeH%2Fl%2FmEacQRr%2BvE28rIu3ve8bc0DSG21h%2BK9j0Y8QY4GLYRjKtfVJXESzmrC%2B60Pqu0CmoYJwK1wH8oAHZhYLS7OUfwM4c8ozl1EHwS936n6UT3RFde2Jsq139XpgXhawCy%2B308c3r5%2FT8Yl9BC71b"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: pTzvgvFemmqH0iqNRD8XZyE6ZdVZETV11KEpYyvPxMoMEXZB5OFwvg==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 09 Nov 2021 12:09:21 GMT
x-amz-meta-sha256: 7b8713d7f9dba4b3cbafaaab55ba11e28312187ad4ede6941decec31e2e80275
priority: u=3,i
x-amz-id-2: SQmVgHDA5X+Z6gvigdfMZiH2n0EOlZJ1rTY2BDodGluzAQKzapU9M3HCZJlJAST5SIA5lULUR/c=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=8614&min_rtt=6129&rtt_var=1941&sent=185&recv=105&lost=0&retrans=0&sent_bytes=173558&recv_bytes=20678&delivery_rate=1043496&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2061&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20211109T120855Z
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-request-id: TBS8CF5P3DS7GH1T
cf-ray: 8ebf4941aa4e9143-FRA
accept-ranges: bytes
content-length: 1830
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 ANDROIDAPP.webp
hiewr.h85cndf2moxnwjz.com/common/messaging/ 974 B
2 KB 19ms
18ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/messaging/ANDROIDAPP.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 419ec7254d45f8e6d467ea8296a0b9d35d02b94bc4d50cc072470c6ba7ed0fa6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "d2fbd8d4d1d37d7cab9475da9c75c4c9"
x-amz-version-id: WCvPeZhd4oNDJgs6Fp1yLS89bjJUlmQ7
age: 5374
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=65Y%2F1ToZfXOwHo1TB5pj01Prq07VjbnnWTL1dgIwQPP8taXAosIyoN35Ng%2FttoD0rniCTfhDPcfhJ7xKlfHFcJWKXn2v32iKmR%2FSgtMEQ6%2BrhLkWIvZ4P%2BBjBLE2H6YU9nEuYu5QZ8YU%2Fvu5f1K0uHCjYGBGQyS5"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: Yn5jmsi01GEWDBImzfaCvOaQk9MmtQ4Mht1p64qWJU4M_wOBFnoCzA==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Mon, 31 Jan 2022 12:03:19 GMT
x-amz-meta-sha256: 419ec7254d45f8e6d467ea8296a0b9d35d02b94bc4d50cc072470c6ba7ed0fa6
priority: u=3,i
x-amz-id-2: vcnNKijjhd9buyVrLJh+jGlzjnpHkFz3DErVBPergPDCpx7U0oOdGe0o1kZuLP+8b8pVspyyeNA=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=9020&min_rtt=6129&rtt_var=2135&sent=176&recv=103&lost=0&retrans=0&sent_bytes=164172&recv_bytes=20589&delivery_rate=2746&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2049&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20220131T120326Z
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-request-id: TBS8CZNK8VQP2PGW
cf-ray: 8ebf4941aa4f9143-FRA
accept-ranges: bytes
content-length: 974
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 android_icon.png
hiewr.h85cndf2moxnwjz.com/common/landing/t1/ 4 KB
5 KB 19ms
19ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/landing/t1/android_icon.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cdb52253328f168eb318a46db0a6d2b1adb3c383de2e80d0a4c993993348621

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "3f2796369bf3e4c8c828a5b1946e566f"
x-amz-version-id: I_.7ewgd8cWkMhZUHLR2fNiash.icadm
age: 1598
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=E5gTjswr9XCm6GJxzqSOcr3oEYy%2B01cn1XMmQQnlQW2Gi6S8wYNwCaoFTA2Su6JHvx%2Fk2Y5RTVn2%2FBgU3T45bqgqTsMr8gWj6qG72mbszSTqozr69R5iYXz5PE0XgQc4BCwov%2BjJ8Eh06%2BsFBLmzlTXGzTHUOt5t"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: fnTLyEmNuLsRR0ARcpXw0QZPmPyTivUlUHSTB2sk0CbFaBVCyPniqQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: image/png
last-modified: Mon, 31 Jan 2022 02:34:04 GMT
x-amz-meta-sha256: 1cdb52253328f168eb318a46db0a6d2b1adb3c383de2e80d0a4c993993348621
priority: u=3,i
x-amz-id-2: 6rreWvZ/jLxd5wM6XBeK3yxDCyczLUpgIoW5/OzeJiw0J772MsfYXqsd1i4qZSYLnH8oQMhbcL5DhteQUub4u3wayCbWt3KZL2lgGqN8Ftg=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=9020&min_rtt=6129&rtt_var=2135&sent=180&recv=103&lost=0&retrans=0&sent_bytes=168584&recv_bytes=20589&delivery_rate=2746&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2051&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20211021T190700Z
via: 1.1 21369bf2bfeb79adaa5bef1cb96f8540.cloudfront.net (CloudFront)
x-amz-request-id: CAG8GTQ4SZVVTT1W
cf-ray: 8ebf4941aa509143-FRA
accept-ranges: bytes
content-length: 3726
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H2 200 gameProvByGameType Show response
www.aryagames.com/member/api/common/ 3 KB
636 B 284ms
284ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameProvByGameType?gameType=LIVE&brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 05a66710be482789d9b803bd3520d685ea88d9002a394121efc6f987e31ddb6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K4C:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf4943885cd3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/json
x-powered-by: ASP.NET
server: cloudflare

OPTIONS
H2 204 gameProvByGameType
www.aryagames.com/member/api/common/ Frame 0
0 260ms
259ms Preflight 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameProvByGameType?gameType=LIVE&brandCode=0000007
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://ori-win.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-ray: 8ebf4941ee98d3c1-FRA
date: Tue, 03 Dec 2024 00:02:08 GMT
server: cloudflare
x-powered-by: ASP.NET

GET
H3 200 08f08094355f4d4ab809aad80bf72262.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 2 KB
3 KB 17ms
17ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/08f08094355f4d4ab809aad80bf72262.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 067f8fa4cb603d1e0ea5b06ffab34c33e5f43c05c7ee0fa51e1562a3ca264ca4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "064d7c37f924173e18f2f97fadf80915"
x-amz-version-id: 87W_tLyGEhqZjUk6s3p3QgLwcDs_wGqa
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=azFwD%2BE7HkdiIFWb4ZpcS5oCghfShKSNWVYB6wqqooasWgLXFbJieq1OjRnh7WuFnVRegooe6JO%2B28%2FqzyK0Z%2FD9imuqEAAXmimVdiPVbzR%2FfwE821YdiiDkDKBL%2Fo01OQEwaQjdQKVOxn8DRz3LcQZtVsE%2F3cfE"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: EmoDd9dyilKL_vMCWTffV9RZ82T5FTI0EZPj2ZHT4jA0FN6_Welk-A==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Sat, 22 Apr 2023 11:34:11 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: syFogoFyfN6f6sOvW3GJTCQxGHpuZ3vyuz3PEYUff+/bp9DcIS9ZDaV1FYR6bh8g5udsoSQNrK+oV8lWS/rX1AVNx0Bqcm7W/iBtkf1ieyc=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=192&recv=128&lost=0&retrans=0&sent_bytes=176684&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2098&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-request-id: V0GWNNJNSFCA2F0G
cf-ray: 8ebf4941fa6c9143-FRA
accept-ranges: bytes
content-length: 2426
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 cf213b2880ff427382ff45740c068f42.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 25 KB
26 KB 17ms
17ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/cf213b2880ff427382ff45740c068f42.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff028b76af94a11befa8daa3a4ad5621b9555d4e7f56bb45014c1401ba473dc4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "b8035ce7077b227bc741437006ad6fa1"
x-amz-version-id: pHjnVSZQJFpTOX.3LvOoTuzFvtn.Hz.P
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KdkJ3f61murO%2BkARu0pX9kjtWymXjNJ3%2BCCPyvfVXyHvHUXLYOKWWINLabR%2BKvpRXghiAkTAX1GbdHZ92v5Oe2Mcy99kp2zGRF9pINLYGjKzxbqO7wnQzzABfcYTaeP%2FuZ7XCTdg9d%2B7ORaTz8LCSHMfPJP0LDq3"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: crLeoIhRCB9jj4RlgrP1cWB2lO86fBZZeSO-5OubmUx9b-Xuc43lVw==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Fri, 21 Apr 2023 07:42:30 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: d7yq/ciBuoHCtE7cmEYuGIMonGsl2jH3UozVx4/U3dl+mjel6A+LhhGbA1YFXcwJyw+QGmtTwmE=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=192&recv=128&lost=0&retrans=0&sent_bytes=176684&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2098&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-request-id: HDC65GWS3V4VJ2CV
cf-ray: 8ebf4941fa6e9143-FRA
accept-ranges: bytes
content-length: 25832
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 953c0392dba74536a091923a084a01f5.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 26 KB
27 KB 18ms
18ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/953c0392dba74536a091923a084a01f5.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d0cd0aea6f713f0e18b9223038801a8e418f8a97222c177108f042a66dba5be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "a6aca7e121fcf152ab89b0cfbcfa5e2c"
x-amz-version-id: 1GWkidcU.n_DyuX3TPYoUmDKwz4bVOEk
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yHkrOwv97jBa12kF8iMYaajV7WTJlEXJRer%2BZDFsehZxAnDv%2BG1r3RG3Th3mxngHU61l7pPO1NfMDUU4hPmp%2FBJRGCcq%2F71z0hbw6Be%2BmRnCYmwUsIWytWvBXwQoyMeMhruOWR5eXhkSvW2u3fSm2UhnrLVFe19q"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 8fSuhsfC0hwz8FRTIN33xu5P-EXGEFzTZOmw6S2EPcR3D56BS2VRKw==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Sat, 22 Apr 2023 12:12:43 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: O6EC1ESLVtMSKJYH42vbdzPHQPvunqhtBOBd8Vs4SwjWxBdNlw6A32KgalXYvAgUYYydMqBqxhV9N6XjXWceCcJg2gmHMrr1+b3rCrv6Evk=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=198&recv=128&lost=0&retrans=0&sent_bytes=183866&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2098&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 9c920cc684a38b53bc9c7a44ba794874.cloudfront.net (CloudFront)
x-amz-request-id: 22BX77AQJ0W80K1R
cf-ray: 8ebf4941fa6f9143-FRA
accept-ranges: bytes
content-length: 26620
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 66ebf2215c1947f88136a1b56a220ab6.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 19 KB
20 KB 21ms
21ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/66ebf2215c1947f88136a1b56a220ab6.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: decf75e8c4f75d196dd575fdfee657d37362e494b83f14943b49f2f22414b4db

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: fLhd1uFQMXfR56grcAZnhxudXCFXIxi6
etag: "f43061cc0651521481a59a35bfd4f7b6"
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a%2BsBfnQFFOXqIJydezCMhDEjCE3NUPwzXqeMZrPG4yYTMvl00o2BvLUls8UFPNUp37qT5jghE1OIrqpnTapKmpRAmcX%2B%2FUdIFIDY4WOR2CXYOR0K%2BjCS7XRkKleC6Xh3DsS%2FiTca77uojdQtloi9ZAYA67uu0F%2Fo"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: tV_QtKbwfO06yHlxJQYxg9C_8TdQ5o_Ut5uj1XOKVIvVyTcpbq8Vxw==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Wed, 28 Apr 2021 07:18:29 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: fa3YbA97FsWc2KEyWjCDHr4AXxlFCYYjMXyeLpvJuv6kVY9g6sHUx+Ya/Mx1FwaCARfmWJftTD0=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2099&x=1", cfExtPri, cfHdrFlush;dur=6
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 dd4531988f4862a3b186f9d3356a6a74.cloudfront.net (CloudFront)
x-amz-request-id: X28AC1XYE4MS3V5X
cf-ray: 8ebf4941fa729143-FRA
accept-ranges: bytes
content-length: 19002
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 c305f6906d3d473eb5150d8ef4f8cbf1.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 120 KB
121 KB 22ms
21ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/c305f6906d3d473eb5150d8ef4f8cbf1.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff1b5c872d2efc8a4f0a2e2a11c7aaacf45d018c58b757b618f97888fc891970

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "1662379cb721bfafc555e328bc6c49a3"
x-amz-version-id: Ze2NzTUtCV9AaYg5MLZxkSBqqmzT8gWf
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=THzVgqWqPPEXbTlJ%2B1nDo57ueNzBYCo8QxHUo7UuimzhyjDW88ebFCRS5veGjvRYOXK501GLI7iKOGVA8LUZMDb1sWnHaGwzSA9bFLVLHFBfK1RwKPyaWEKix0nqfP%2BwnEKRAjDHKwRkwk%2FQ2ieN6ObTw2mszWuJ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: IudPlsVa1Ndu5BwEnpOl7mNnhVIx5_PRTrSMaZiymVfVnZmlrZu-dQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Fri, 07 Apr 2023 09:50:06 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: AmPr2pHJ2ZGguCb5tM1s/hwzvryDk49HHSlHOvRdDq3F0sOdDqDM2flQ6IAModC62Ow+GSI9TFQ=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2100&x=1", cfExtPri, cfHdrFlush;dur=5
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
x-amz-request-id: V0GP83TPN0MF062N
cf-ray: 8ebf4941fa749143-FRA
accept-ranges: bytes
content-length: 122836
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 d73e63b7eaef4ff5aea5cac9bc2fa236.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000004/brand-template/ 54 KB
55 KB 23ms
21ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000004/brand-template/d73e63b7eaef4ff5aea5cac9bc2fa236.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c781eedd768faf584e1ab6238f08facf26e7d12a0a5491b1f53b5ac884c7be1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "23f9fe762f445aabc5f802b6e4137e64"
x-amz-version-id: RKhAOs_p9BOQCFxPZj4YR85mzkLreLBa
age: 3119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=shiGkgdG9HspsriFEJZ83gUcdbJynfzARh4B3vTauAFYGPwEf%2FIwt%2B5j2ZYl2KEqw9gCVZZpc7HavBZ%2BPwluuuCQ1ELL9XR4EwDm7MT%2BQAITcVREPXX8PTQj%2BoVZ55LIwkT0K2z9wa5%2FCP3DIVpvjyxZs8y2WSLb"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: yYEc2ZpOwsF9ubUdWqR4qbbuYqSJeUwpTlLtLKo_f4Dn_4P5mJG2cg==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Mon, 11 Nov 2024 09:56:31 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: PVWXiE1aF+54fOFtVhjdHjgJ1b4MlG1DveZC7bExzbVspN124sJeI15edpjUTrwQMapToV6p708=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2102&x=1", cfExtPri, cfHdrFlush;dur=3
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-request-id: C6Q396KZCGM9WP7P
cf-ray: 8ebf4941fa769143-FRA
accept-ranges: bytes
content-length: 55382
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 868253757c31465eb00d8a4d8be475a3.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 107 KB
108 KB 23ms
22ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/868253757c31465eb00d8a4d8be475a3.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9925646b5e7075ea0b6bda99e7f4cc6e5cd73d40f086d049801bf94ae0c8edb8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "f756ca9dc331a80e25a03453b57b3b58"
x-amz-version-id: 8v52DPdxA9BwAwsau9yvXO4Z_zv_GjwZ
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ok%2F49JxnJVGrJ%2BtyT1jshb62y9vZwe%2Fwtq38zrV0jLGmRkNiCOItLqS8eum69bstrQJpYMYQOBzzP1hO1aXYYuL0X7j6DyBG%2F%2Bw%2FdW3J0LoZBtpTScWbWNFLGvKr0RULaQnbNbU8qvn6sPc1iaFC028viAiY2s1y"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: mw5vqXxjZrxxMSiZS9_J1rxMm6aa_yVXNUp96ziXpMSOVb3jqqaHpw==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 21 May 2024 11:09:47 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: BdEg8wc08EBeI11PXMCd0p9ulJf+prIzNtKcyT1hFNfzOS//uq3UQYYcgIyXjxbcfjTnBi8pe+g=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2102&x=1", cfExtPri, cfHdrFlush;dur=3
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-request-id: 3HEBZJ8ZV2X8CCG7
cf-ray: 8ebf4941fa779143-FRA
accept-ranges: bytes
content-length: 109586
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 fb61d02ebe414806a9ca7284c24c970a.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 112 KB
113 KB 25ms
23ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/fb61d02ebe414806a9ca7284c24c970a.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd279abda73b9c735ce2973381e07146af6ffc80eb68c33b058b537dfecd34e4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "83dae41d0b10230b8fc3898ed5c1bfb8"
x-amz-version-id: sdMhhz.aD3BRVzC3dXlEdpQhNqY0nLL1
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rUEERiB6jczIiXQ2%2FbIrZ7KNrxs0cffHo%2FFVh2q5c8cOUiYFcFw9Sxxz78bA7Rt%2BjZ3n3uxDOmDEk2Z5uNcViwfEvyaRVT0N59D4%2B%2BmBBD%2BrN2B%2FzS01MZuXQKKmwe2jY3y7i75xidnN8MJgDDAurD1yebh6jeeU"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: Opkk0gbYYzaqwZt3k2YMlRY5gK9SzfwYCr9O4P9lBbsFsJFL1Ydo9g==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 09 May 2023 08:51:23 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: 6vqyvaexk/zrXMpWfEHtAIIiVzda3OQb8ErqyAGFWnntUa47/mJpYol3+ljdDOw+agCe8WxInDk=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2102&x=1", cfExtPri, cfHdrFlush;dur=5
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 80779e7124f8d44ce2216c35ac5328a8.cloudfront.net (CloudFront)
x-amz-request-id: N5QFBCT8TW9VG1JB
cf-ray: 8ebf4941fa789143-FRA
accept-ranges: bytes
content-length: 115012
x-amz-cf-pop: AMS1-P2
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 41c6a103a11045a98e197045d6ecc6c7.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 111 KB
112 KB 28ms
26ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/41c6a103a11045a98e197045d6ecc6c7.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2bda27feb2e97b82403952356a3fc1c5a8cac1be0acde46063d6277958ea8a41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "702eb5615c5a20f6d975108be2d734a1"
x-amz-version-id: zw0HADxGxwkYA2g4RF41BUNtJ7Gn7q3Z
age: 7177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z3VxH7jlrPc5Saluvec8%2BX%2BYgkbUu8dg1aOjrtB%2FxbN%2Fh4PRX9GjPCUaTQWHZhvaIEKtsk0hAsLiIaYI4z%2FW7k27pAZJvV1o0how2evCehSq5%2BwSwC6dQD%2BbSp0Fj0epxvI2eWJtrFjaVS6fwmXh5cGmXuvXJXo%2F"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: UnIBcWdLSYDo3iTYnCLnahllrQt25hl_RixauIqwIUH8cLr5QYjw7w==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 16 May 2023 10:09:24 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: LKX8I0wrlyCUY4asQbg/nK2EjSo078WCxpnTWgyWSDv0N2VCaUQCa7OWX/M0ujSjuCBKLqw9mnI=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2101&x=1", cfExtPri, cfHdrFlush;dur=11
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 b83db9a9904a8f97beb31f810804b6e4.cloudfront.net (CloudFront)
x-amz-request-id: C0VGP3J4NTD165J4
cf-ray: 8ebf4941fa799143-FRA
accept-ranges: bytes
content-length: 113560
x-amz-cf-pop: FRA56-P9
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 cbd97f3760b6499aa0b3a0c967c3d5a8.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 117 KB
118 KB 29ms
27ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/cbd97f3760b6499aa0b3a0c967c3d5a8.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d87d8bcd80e96f4babf1480e3d27c8b3857ef4899645b478c3a54afa978877b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "ef726098647f62376dda9d46a3307bd4"
x-amz-version-id: IHksOSyJI39aloxQyb.dSCfMpQLVf3bW
age: 7177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ooqa3bMQsZXkPO8h%2BnMPqcn75Sfqgywgrgi6scthCWJUExZcJyFDEUy19Sxvu%2B1jWI9XbJ%2FpDeI2jaT%2F8RSPu4V8muHy0B3L8NOrPxnuyoqScTKuyPjc0K6QBHTJzjjNaxs8dxhe4sHCAzRLwsrjy8Wnnz%2FOBONc"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: d47iRFWZYDF0mjFGblBRjzoyq7b24gToeEcFDQnhKRp5D_AFp_diLA==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 16 May 2023 10:18:25 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: +Re/klpB7Y0JXzWYifVZk3SPI7Og6gY1uVmoVqG4eno6KyFYWwRr/UZqd6s8kLvCH3Rrat6oL+4=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2102&x=1", cfExtPri, cfHdrFlush;dur=10
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
x-amz-request-id: 6SAN8DK6JJZBB077
cf-ray: 8ebf4941fa7a9143-FRA
accept-ranges: bytes
content-length: 119680
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 a38c5d94cfa8403cb71c842fdf243dfb.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 99 KB
100 KB 29ms
28ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/a38c5d94cfa8403cb71c842fdf243dfb.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e64579c39ffca5c6f4ef84e4381dcf4274aef5c665a638efdaed29c32c85243

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "94c896696663bc56a21ea99ef6a21796"
x-amz-version-id: pG6NHa7ao2lnk96MYXC7cRnFUQgMq4yw
age: 7177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BmlhRflw%2BPKhotPlv12gc10LwnJZtNo7ZpvSE51RC3PLNviufh1zICrfvYFoModMi5fNCETZnVasAZi6wmexjVFB2%2FDy3XhTW7sfGPyksmV1xIexH844O3fiAr6XJOyTJRMhdDl05%2FXcbsSB081UTfzUNDmUYuzF"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: sF-hkLG1rikbGapzWQHs7y3z4uAKsX_1xtypvJnhVSsyPf5RM9TbHQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Sat, 15 Apr 2023 08:30:00 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: xZd8Q6o9TGkkIQyf3wjpQVLeYd/1EY340+dPwMkckwPrK9hOkj8g1y6Q8YBPxfZqundYIDH1KOI=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2102&x=1", cfExtPri, cfHdrFlush;dur=10
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 74ca1b9f17cb4adcfc54f8b84ccc7d82.cloudfront.net (CloudFront)
x-amz-request-id: V4X61Z9Q9DCX9R00
cf-ray: 8ebf4941fa7b9143-FRA
accept-ranges: bytes
content-length: 101760
x-amz-cf-pop: FRA56-P11
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 fd54b8ac4512436189dc03f74d2e5f41.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 95 KB
97 KB 30ms
28ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/fd54b8ac4512436189dc03f74d2e5f41.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a00500058052923399644ddd83d3301de72160fc2480780b382619b91cb2c63

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "1bcd5f8eaa111f2365a371d86597518f"
x-amz-version-id: hbokl_wk1eHw2kEnBxP8gWl_eige1.cy
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cPXkhOiK5ZZyofzFPRCjrAT6JmjH0cO5Zj%2BzTge7eZ6bkFN4HiNKXuCzey0djr%2BBvTaBwbGM08V1k3RrWp3op68kWHkcU4hbVc%2FVlDrD6k5cn7YgqHnppkpCMQDJGnfaCgtB2vj1vC5Oy0ItxFXN5gQFbjunhpw0"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: E-zzKZLWWV9L7mL54UP8-3ZwP_pGttWmasS_-V7L2r0c98wCL6Lowg==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Sat, 15 Apr 2023 09:20:04 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: teYELrxqT7tif9nFUzYSRGaQgJAu65zje32Sj32s5Q5v01qmj3ci3nCK+sMbUKoR5XHD/Zl8fQlPmRY9PP104fgY9a5RIoJ8MdmsFPLxKZE=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2104&x=1", cfExtPri, cfHdrFlush;dur=8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 816b7f4e336674d9d7828ef4700482e8.cloudfront.net (CloudFront)
x-amz-request-id: KJZJTE6N112DFJXX
cf-ray: 8ebf4941fa7c9143-FRA
accept-ranges: bytes
content-length: 97728
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 d46c86bc911a4ccb905663f3c3867e09.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 93 KB
94 KB 31ms
29ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/d46c86bc911a4ccb905663f3c3867e09.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c7d4a77b37587c2a9fa3df8902a068bf78b2faff39d083487621dd2a916b05f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "16d1b11e0bbe0abeaa88aa610155b0a6"
x-amz-version-id: m1FMYDup1fe7Trdghy3sNLZ1dTzveVML
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B8mfDyCHssZbavrveL1pNTOFFlVCZZhlNFYdi7pjaIx288jDilWg1U0aRq5kis144BbpCnrucvJx60ZoE%2Fj2nxtMZjQU5UsuZn78Pnk%2FksVzsS1yvkmuNLfvFJVp%2FEmHJquR3kFZtCfH%2Fjq%2BqkD1KkDuWWzYy4OV"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: E24i0bhFuXF91rOv0Fcub1srXe2bnfJMbNwDHnMym-eUfe91iovrGw==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Mon, 17 Apr 2023 12:07:28 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: kf9kvMKZU3287Qa7UYvtiVPCJhGD4PvoXN2687kA4uZTIomvFsOcTCrsTrcdn4b630nQuSBW5gg=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2103&x=1", cfExtPri, cfHdrFlush;dur=9
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 b2ba97e9b6a83eff85433dad7f6e6288.cloudfront.net (CloudFront)
x-amz-request-id: E4N2NR17NTQ23AW6
cf-ray: 8ebf4941fa7d9143-FRA
accept-ranges: bytes
content-length: 95090
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 bdc14db641184ac08730363de356dfae.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 94 KB
95 KB 32ms
30ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/bdc14db641184ac08730363de356dfae.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55787b9e228ff1fdc5c9fd2deec594916976ee92eb0a6d6362ffa0331cf99d36

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "e5ef8f156a4f5bad579234d6b0564c73"
x-amz-version-id: DyEWbElLcyCzL6dwFsZi3ySLPC_OMThN
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Zo%2FMKJjEdCJEXwN5tQEJ%2FyUosvVi5fSegaXZOic1%2BrKW5TC2yLy5WQjGJOVbE%2Fkv5irf6gpMc%2FkV2zKmLdBtECX%2Fk3ua0V8BhWfBuVmkIZOZOMSYKKc9BqszyjdOWT2qKDGjhKsZjT5iO8NO%2BjAsnrm8ttEg6QP"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: Bt3B7PCUmMvwaChr_nhve4rov3iOBlYD_SDLXnZV6MpPHQm2uGSMSw==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Mon, 17 Apr 2023 12:56:14 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: skRtJTfwmHuAZNcZ8mD2zwlm62+YojgfPTKR/d16yx92xfREbxhe/9PTSrGGuEgYsxiLkG4/tE+c+Hn5KwZCTB+8XjpLBb1TAB2bX7jHt2c=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2104&x=1", cfExtPri, cfHdrFlush;dur=8
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-request-id: E4NCD8K7ANW49KKX
cf-ray: 8ebf4941fa7e9143-FRA
accept-ranges: bytes
content-length: 96532
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 9be48683fbb24141b34079f5c268939d.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 16 KB
17 KB 33ms
32ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/9be48683fbb24141b34079f5c268939d.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c98d867aa407894ddda967a0fddc5847b44562137f6c83bb1a213d8956a817bb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "772e231839897d53e168e8a05739855e"
x-amz-version-id: TFo68rOPWuAGOietzL6XjJMWCEXtVVu9
age: 7177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aIjMlCsA5s%2BRGIL1qNO3aW80R4MOTaEWsrQTfMrVh4z6Fq0WxYbd4xl7Eg9s0Q%2B98O%2B0EJowUlF1NfEqAlXCvQd4k9hSLgvy8XcYKNnMP3f52hzX9s3a%2BaYiuzCTE6NANnmL5pKeW6Dk1JqrWNb%2B%2BGJcLy867rwI"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: xhy6l0t6EYiwbFCTVX6Rw7bi06ed-DAvsHwOD73eEHD8-0Gr6cikNA==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Sun, 15 Jan 2023 06:31:43 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: +MRSh5xACpqPJ3O2VugDu/Icytu5x2O9HbeyCZlb38goCEBAspto+ANum85x5jbAEAvpnUcWEw8dmKTHHv7B/POtz1OtFbhB2GHHFUPpSSc=
server-timing: cfL4;desc="?proto=QUIC&rtt=8358&min_rtt=6129&rtt_var=1968&sent=229&recv=128&lost=0&retrans=0&sent_bytes=219884&recv_bytes=29166&delivery_rate=358473&cwnd=43200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2104&x=1", cfExtPri, cfHdrFlush;dur=11
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 d9d768d21c32b97f76dd70e0bf382606.cloudfront.net (CloudFront)
x-amz-request-id: 3HE1B73YEYF1QX3C
cf-ray: 8ebf4941fa7f9143-FRA
accept-ranges: bytes
content-length: 16522
x-amz-cf-pop: LHR5-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 c16c1df1b54145a392649a7c9db912bc.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 16 KB
17 KB 34ms
33ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/c16c1df1b54145a392649a7c9db912bc.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7be9186cd1096f900b9e35643ab0ff3d6811bd91d48137c746bc69441a34e279

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "389911411bd3c3b1e809a1eb6ef0758e"
x-amz-version-id: GPWSHcAgC.iTkC_rLD3y1FuTykN8usBL
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AqvzIkazx6Q0WQcigSOIR34AiV9tBWYaksI9WMyBb%2B6BBL0Va1j8N%2FbRV0QSt5fumCPz44r4B7MMjWCNlrqpen4cgrzNTnHgyKbnkd0GB3OAOePNyr48Ik5AX9HK%2BuDmDsEnDsy1xJAUgN7o0Zvr8RAdkt8S%2FJG2"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: N5ZSb7b3t7OcT44r2g74qqvjsiz66GrSQw1nO2hg4DKPv4dIXxkv9Q==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Sun, 15 Jan 2023 06:47:44 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: bHcOQkLiFmqQ8jlnmdWnNNOl/6H/vsJfNn0z+4QA6iVOUwQyK2aSIcwlGjN4yOZ6jF2JGOw5tJlR3fZZtKPh7IotRoNGPfKs0Ky7W6eNXiQ=
server-timing: cfL4;desc="?proto=QUIC&rtt=7970&min_rtt=6129&rtt_var=1396&sent=291&recv=131&lost=0&retrans=0&sent_bytes=291739&recv_bytes=29298&delivery_rate=2353751&cwnd=79200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2106&x=1", cfExtPri, cfHdrFlush;dur=9
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 e3824a4cc698f190d3fa6fe687f1a600.cloudfront.net (CloudFront)
x-amz-request-id: 7FM639PKPFXSA59H
cf-ray: 8ebf4941fa809143-FRA
accept-ranges: bytes
content-length: 16686
x-amz-cf-pop: FRA56-P9
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 3a293173f8ee4b0888287380e2b4960f.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 17 KB
18 KB 35ms
34ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/3a293173f8ee4b0888287380e2b4960f.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46dacfb706a88589b6e3a656be995f9f1f90acef5360b84af1df9c56b0656b27

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "435bafc5caef9e07dce6cdb447395d0b"
x-amz-version-id: 5oQneNRpg7W7kdWlfOIy.G63sqxUpRuI
age: 7177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cC25GNiZqUM7iu2uDIxcoIPh9ljwffdH1%2B81P4qCU6DeY4WdYNbH%2B6Wf%2FHpog%2BuMTVJ8uBvsON7h04%2BLPYkoK3o8iCgD1LL1E02Bmac2dQaISJZxlimL6N3ZFWkCIoHhZTwQUSarzbRnFzTpuKlxmmFR6f6H%2BIkH"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: qpdwIqMjBTmsqC4eTXZtKFvwABp1zfNyLOc4iQggMctbY7nEWQkaog==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Sun, 15 Jan 2023 06:44:26 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: uMX7b8R7mfEtc2E/I82ZNjErxGOCLRfns47DXeSGzVMtyCxBcG4+/nHA7B9p+5co9tGTkaz86UBvczCbzbHZ8cFhHf0I8KwebEJEWi/cOwc=
server-timing: cfL4;desc="?proto=QUIC&rtt=7970&min_rtt=6129&rtt_var=1396&sent=231&recv=131&lost=0&retrans=0&sent_bytes=222049&recv_bytes=29298&delivery_rate=2353751&cwnd=79200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2105&x=1", cfExtPri, cfHdrFlush;dur=10
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 6dcc6937cfa978a65f9d5d75296b24a6.cloudfront.net (CloudFront)
x-amz-request-id: 3DMEKSCT2FTW1AGZ
cf-ray: 8ebf4941fa819143-FRA
accept-ranges: bytes
content-length: 17840
x-amz-cf-pop: FRA60-P7
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 31855585323b4505bddcd4bf35151c4e.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 18 KB
19 KB 37ms
36ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/31855585323b4505bddcd4bf35151c4e.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d480dce05c372fd938ca42166d567638f93a6b601f8d9ab635698e0e5c94901

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: h8ZhXoWAGIPwDA1JcclJ41jU3BF.fJDz
etag: "3df4e1b59a7ce559d1b6c2218ff8ea62"
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NS7JTIn1gHJNbwcRJRv3SRwkhwv2sMpl52e2nYbTsc11m4JcdAE4srZ1bFo%2FIYlofGsgs1qGzdejdNC7koS7z4tsNxTNhngZdyJ%2FZF0iAeuj7jIc3ZBIKuxC3Df5ZWTXmqESzSWS5mGSn0W%2BOpzgsE4n6nMt77cn"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: rc4MmChw4oYlR4d7lA1rmGV1Jd5cnQra0oOU_U2YL_6fOqkbtiG7SQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Sun, 02 May 2021 10:37:20 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: G3I14Z9p6ay1bxURn2g60S7/ghr4tFtBfr5xeCtd17y19emoMkmz5KNMh93MxxEWR18gZXYr7+E=
server-timing: cfL4;desc="?proto=QUIC&rtt=7874&min_rtt=6129&rtt_var=1240&sent=304&recv=132&lost=0&retrans=0&sent_bytes=306284&recv_bytes=29343&delivery_rate=2835923&cwnd=86400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2108&x=1", cfExtPri, cfHdrFlush;dur=10
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 8662e3c152f0b241b5d273e9b0c8f9fc.cloudfront.net (CloudFront)
x-amz-request-id: 3HEEY8GD8KTX2W99
cf-ray: 8ebf4941fa829143-FRA
accept-ranges: bytes
content-length: 18776
x-amz-cf-pop: AMS1-P2
server: cloudflare

GET
H3 200 0f3792e0bd2f4914a85c7de54f3fcc3c.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 702 KB
703 KB 37ms
36ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/0f3792e0bd2f4914a85c7de54f3fcc3c.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac0433e35415eeb4d6744a73684a281f92962c53f400acba5122009321f1355e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "549a16a87d91f188cd524579347e166b"
x-amz-version-id: kXlBoJsvslSwgmY1y8EEnpEGntx7rN3_
age: 7177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OWw9Rc8Zb0shdxkhnJ1e3rYNnAMO6rTgRYn687Bp0NqN6EeTMCR0PE9vA9AeDEH5LPS%2B2t0bPoTlyaHh4IkU70%2FcM1TIFA8M9ePzLmQr9JzwaOZUFfOWLgy1trXfZdwOTlY4bYG1y%2F9Xug5vTgzngC5AcZSxoqsf"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: RWavtdfEqG1SrF2bpKrhkGTN9ew4feAJDlyJlL4xPVsTwsvpIR-XFQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Sat, 22 Apr 2023 06:24:10 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: N95SfVHhCAOeHG41JgVZ0r025Ao9He2H/peAUWm9fkIYyNDRQ6klhLozHrWVWMK6H0cUjFcwUwTu0VU1hdJ6AGCvY7R9+nIjSLmCYbeW5H8=
server-timing: cfL4;desc="?proto=QUIC&rtt=7874&min_rtt=6129&rtt_var=1240&sent=304&recv=132&lost=0&retrans=0&sent_bytes=306284&recv_bytes=29343&delivery_rate=2835923&cwnd=86400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2108&x=1", cfExtPri, cfHdrFlush;dur=10
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 e4a4a1d8cbc68200b55d6f49ec5eb07a.cloudfront.net (CloudFront)
x-amz-request-id: Z721N4XF34MP0ED5
cf-ray: 8ebf4941fa839143-FRA
accept-ranges: bytes
content-length: 718502
x-amz-cf-pop: FRA56-P9
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 572f8a22f3554d29b5f374765466e4e0.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 15 KB
16 KB 38ms
37ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/572f8a22f3554d29b5f374765466e4e0.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66937c6fc0d62bc7d46b2b076e190e8ae1bcd888de971107c6882d7c71d9b446

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: l_F6MfBBghqS2dW62IW_CiVN99P_AL.6
etag: "3448976896571fbc8ec1edd5a9cf9ab0"
age: 7177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mMMVogIvy57p2dPckzycTkv3HPJPUATQQYs8%2Boe%2FgD7Uhb7lYV8pZvReR5vQhaptJbY4R%2Bb4it2wS2k2bkt7cND3zGLooFaEtwqp4tUMVAJovisIbH6sxFlzmtuDOUOGmyWXQYJVcLDw6QEx9Dc%2FYgOdJ3fs9qt7"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: lK4s1LhIJ88-Qp_dOv2DxWQaskZMu5caOzXerxO3upuwkyTP3iveuQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 27 Apr 2021 07:17:28 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: t9U0esOl2191ecIBEN1BJjwVnIIa4wRiBHftgnfidZdHBJh2N8ZbU5HkryMyjdt0gYKztMevwjw=
server-timing: cfL4;desc="?proto=QUIC&rtt=7874&min_rtt=6129&rtt_var=1240&sent=304&recv=132&lost=0&retrans=0&sent_bytes=306284&recv_bytes=29343&delivery_rate=2835923&cwnd=86400&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2111&x=1", cfExtPri, cfHdrFlush;dur=7
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-request-id: 22BS0T5ZJ1SSZQYJ
cf-ray: 8ebf4941fa849143-FRA
accept-ranges: bytes
content-length: 15144
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 5ee9f1471aff4c0489cfb4447f0d6ed4.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 16 KB
17 KB 39ms
38ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/5ee9f1471aff4c0489cfb4447f0d6ed4.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b4878cb83bbe8789bd99729e89c8f749f667d611998facdc8555443aa02347d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: H25i_54giYPfxldNCkTDfN0OudRkGLXg
etag: "40f1ae89018758263a73feb6c8937a7a"
age: 7177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yXSMebt%2Bcn0faFnaxpVg20TKYB6OHVazDq%2B094L65V4cWiqAk6jtp1gyc9MdG8DmOYCMnDvw4BsrVrefiJQAdHWbkBxQLXeukZ%2FhwmCvaLwKD19I9LFmuR939g7hZ0drpBCYrMf69%2FO9Fr%2BWTUjBceSduX6S4mn4"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: gBDRlSnKzGVfo06Wab2l_zHtn1tck0bJad5GqFdEzxEq-GvzGVHtnA==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 27 Apr 2021 07:17:44 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: DgneCHx7EZhOIDJ55mpedg4TvEtmSEafHMClYT/JDPiwpp0+ouEOxa/gw2TSfCPvV3ZuMsJjXGnxf9w8C1Mvrx0G2Ke5qUOVK3OzA3VQPlI=
server-timing: cfL4;desc="?proto=QUIC&rtt=7970&min_rtt=6129&rtt_var=1396&sent=291&recv=131&lost=0&retrans=0&sent_bytes=291739&recv_bytes=29298&delivery_rate=2353751&cwnd=79200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2106&x=1", cfExtPri, cfHdrFlush;dur=12
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 307395f1eb3989f15e6f525475291c86.cloudfront.net (CloudFront)
x-amz-request-id: 22BWF8GKGCF9KS2D
cf-ray: 8ebf4941fa859143-FRA
accept-ranges: bytes
content-length: 16602
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 8dbce79cc95f43ac8e8b47aaca20602f.webp
hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/ 20 KB
21 KB 40ms
39ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/membersite/0000007/brand-template/8dbce79cc95f43ac8e8b47aaca20602f.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a2132cd3cc9812cd4c9d65da701d1c528b2915539cad84b28533f7bd197af8b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: 68rl7PTTF111UH5jirNzXVjjuXLVZyQg
etag: "4af497b8149f8d03ebb6310e30467d55"
age: 7177
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vvxZH%2FhWeUBu5s2Odrm7GDqFM52tZoY8LLtasnQCCPKdWeMCLNC86quYjgkEOojphIAsRS4%2F9mf%2B1Vv0rn%2F2CMrgLH3oJJtCmhqrMS5135Ybr1A57%2FtWymQgo8k%2FCkfSgMenCOEj5q56f2ay%2Bgwhfi9%2BGTw7QQyA"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: LWUsravKx3JMjn_aZgNRpSHDFrYJkEsiMiHj0IGFoyGefHZy5O4Niw==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Tue, 27 Apr 2021 07:18:07 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: kzNfQWng5Js+kq1pkRsrRljPUktHRpGcO0xOjg9U6j3FjGWUUyV11YHMAuRqfc6VOxBFqs+U5BpUlQ3/sD5Zw0SvS6y+otLv2tNvXcGgkFc=
server-timing: cfL4;desc="?proto=QUIC&rtt=7970&min_rtt=6129&rtt_var=1396&sent=291&recv=131&lost=0&retrans=0&sent_bytes=291739&recv_bytes=29298&delivery_rate=2353751&cwnd=79200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2107&x=1", cfExtPri, cfHdrFlush;dur=11
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 56df5811b9d89103539b9b0b5fd9b262.cloudfront.net (CloudFront)
x-amz-request-id: 3DM3J3BZHW289XNE
cf-ray: 8ebf4941fa869143-FRA
accept-ranges: bytes
content-length: 20830
x-amz-cf-pop: FRA60-P7
server: cloudflare

GET
H2 200 get_dynamic_configuration Show response
api.livechatinc.com/v3.6/customer/action/ 388 B
600 B 574ms
222ms Script
application/javascript 2.16.204.97
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=13163658&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fori-win.xyz%2F&group_id=0&channel_type=code&jsonp=__ayt0ywegcl

Requested by

Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.204.97 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),

Reverse DNS

a2-16-204-97.deploy.static.akamaitechnologies.com

Software

Resource Hash

580e062b7be2445352ea7481541595c03c3b075a89e79a2f392d27f288b9bb1b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://ori-win.xyz/;
X-Frame-Options	allow-from https://ori-win.xyz/

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

content-security-policy: frame-ancestors https://ori-win.xyz/;
content-length: 388
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
x-frame-options: allow-from https://ori-win.xyz/

GET
H3 200 PGSoft-wild-bandito_icon_1024_square.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 94 KB
95 KB 17ms
17ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/PGSoft-wild-bandito_icon_1024_square.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d06120c838b5ccddfc96dc6813707951ea12ef41f3193cf555114c2c7ba3b836

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: PrtLPQiVkQbYU2tzcQeMtG3Hh4TqleNT
etag: "f6e2fc3643758323ce69906a3c6d0f23"
age: 3119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pGLI%2FSN8ev5R7owUbCkfthebEtcMVueuPLrNYVp4UYKOsajPcJID8odnvz%2B%2BZENpBFCjpxUmBDNU3tIC7k0dvssdBmzmJIt7f5LosrfduTcJituT89kUaYCwO0pRzakoFD5r4eKxOPDhx6v2AVnLkMA3PJOUsU1X"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 0i1JQbfOnVQy5kkYR7mXZDgKVAvF4IPnZXHO8BhAdaqrVJAEBG8XEQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Thu, 06 Jan 2022 05:12:17 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: ClecHYp7JGwW2DGCLKOr5w2FQK2UDOM1mr+WlIGsAxeQyb18zcI+wEvRiY0rmPZwsVM1zSoBOVA=
server-timing: cfL4;desc="?proto=QUIC&rtt=7803&min_rtt=5881&rtt_var=712&sent=1950&recv=312&lost=0&retrans=0&sent_bytes=2248617&recv_bytes=41044&delivery_rate=77595212&cwnd=817200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2338&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-request-id: 8X56PMBE4P14DG0M
cf-ray: 8ebf49437b279143-FRA
accept-ranges: bytes
content-length: 96394
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 PGSoft-wild-bounty-showdown.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 56 KB
57 KB 16ms
14ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/PGSoft-wild-bounty-showdown.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a9b8b98f8951a4eb9ea7c6bfe906c8ef15265ac2add2a697a276ef1ce96bf35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "9671332bfc61174efa79afdfd59c868a"
x-amz-version-id: GXXAVfDg4xa.dSw_dYCIvt72r5YVtdZv
age: 3119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UP6XTdSKzB1tM2ikxAuxZDXCkIdIy7yHE%2FubrIRYShwFV244IRBIYCu8JCGxE0%2FLHIKTtWkQEhCFnkWtrNvqo6IMgheDomuSXD%2BYAyL7XgMMv7h4Vk5owgrWzrUO5W4kzO66Rr%2BbZB9X6LjSB4CzMeUGBlE7o%2Fkd"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 9v-jXUCAthxN0523eNrFhWynHRqtVjFedMFAcXUnlrl-twCYbo_LzA==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Fri, 21 Oct 2022 05:17:45 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: Ezyr7kSxpYVmkl61pB+fHStRJ+Ad5rQaJXW80gOFVuqZcFQ97RaEuDNh8pAKekXWXFy35iJb8ENYaUqtEwDAEaIiyFOnGGiYr+tUIhOR0ZU=
server-timing: cfL4;desc="?proto=QUIC&rtt=7803&min_rtt=5881&rtt_var=712&sent=1900&recv=312&lost=0&retrans=0&sent_bytes=2188938&recv_bytes=41044&delivery_rate=77595212&cwnd=817200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2338&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 ad3a844607df41a7152eab5ebe6e4056.cloudfront.net (CloudFront)
x-amz-request-id: ER2TSZ9BVP06RCRW
cf-ray: 8ebf49437b289143-FRA
accept-ranges: bytes
content-length: 57264
x-amz-cf-pop: FRA56-P9
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 PP-vs20olympgate.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 11 KB
12 KB 23ms
22ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/PP-vs20olympgate.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c290a963e4df6a09fb7cf008c45f88dc20375906dacdf480dcd19bf7ac2e840

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "d46df5fbf9029a57c73579acce43a522"
x-amz-version-id: m0N5etxlfjdVL1eUFBtgOrCjTLo0mhcI
age: 3119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xxM2Iqa8VMBkFEUyXPAdoXC6q%2F1F5%2FLDonHJjTHcIvRdFQaVPDqQimTi%2FyTHDV42jO474%2FeHMF09i9cJs46rQLaipJWqUP0vJuhpYRK4x5nb2EDfaJcwDJCArsc5Y6opTq0SS8P%2FlUve89RlnQ0azFFd%2F2EdC%2Bmd"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: vxbX5KwzSeycgbK0xFJuppoT8MvqOljbnQlFf7lzSPmnAWPL0anNYQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Thu, 28 Mar 2024 04:02:54 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: gESh9KF+a/zjQD3J/xdpOAt+kM38aVPBhZqMKBlo3QV6xsCU6mFgntoEFTEyGIMs72aauR/Td2s=
server-timing: cfL4;desc="?proto=QUIC&rtt=7803&min_rtt=5881&rtt_var=712&sent=2148&recv=312&lost=0&retrans=0&sent_bytes=2483163&recv_bytes=41044&delivery_rate=77595212&cwnd=817200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2340&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-amz-request-id: CVACZ34EHP8DJYT5
cf-ray: 8ebf49437b2a9143-FRA
accept-ranges: bytes
content-length: 11250
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 PP-Mahjong3.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 13 KB
14 KB 18ms
17ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/PP-Mahjong3.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50296bb423732ce82c23fa1ff372b167ddc8ff66eb2e4883e1785a89c98dd78b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "662e08534bf773d3c97b0c6b3cc10227"
x-amz-version-id: oKpqSBF2bOkb_8rNN4GfZ311Gx5xWhEa
age: 1597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=szthT1GDaD7rlXri5bVI8eLGNabgp3S5hUB5drk6kHNMqCfQal6kWKbOErtRNoHusYOWtoNaZBawQ01r5CgPRfmSO9Dt6b5OwkXreaZjNuG8NwhZZCL8jNklMX3kpq5lo4nxDx2kgl47X3nL0Oba1gri4F6IjFNB"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: Ax-DnUnoUsN_tcUj6jxMLwt0xXVMj9WxNZrXlnChe6ujcvEZ6P3pvQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: image/webp
last-modified: Tue, 05 Nov 2024 06:40:34 GMT
x-amz-meta-sha256: 50296bb423732ce82c23fa1ff372b167ddc8ff66eb2e4883e1785a89c98dd78b
priority: u=3,i
x-amz-id-2: q5qhEFqmK1VougxQd1heMJ1TciL4S22XkzFIcd3vj0bgBDbbtW+oXQVTqmbemYAxvno5WWfVIR8=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=7803&min_rtt=5881&rtt_var=712&sent=2010&recv=312&lost=0&retrans=0&sent_bytes=2320617&recv_bytes=41044&delivery_rate=77595212&cwnd=817200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2339&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20241105T064020Z
via: 1.1 a5a8e743f28968822c126102a78bb7c6.cloudfront.net (CloudFront)
x-amz-request-id: P0MSRW2MWNZXSG61
cf-ray: 8ebf49437b2b9143-FRA
accept-ranges: bytes
content-length: 13296
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 PGSoft-lucky-neko_icon_1024_square.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 49 KB
50 KB 25ms
24ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/PGSoft-lucky-neko_icon_1024_square.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 922a930f5046637f4f512a7b90262d593b96287c17933131bf16a32e73a6a7d2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: e6.iPOJxIjQw9Hf_vTxUmj7F7cnjmAgb
etag: "131a501a764d236d01f87e4a44d4a4ac"
age: 3120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xce72KupY0%2BjGHpxcrg7oXXsSk7imIxeDWgNBfiP6uhNt8EiOd%2BLDBW4b30BfXS0fA%2B%2BWabNl2IMqNlMieloI7cr76pwdz5PMsOWBj1%2Boac7USTFCOTGUE00TgROojPi4hC7rKXZt9PtO4IwMRnaF%2FWuqf2QviRV"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: j0bV3X_eRI174q30423IUa2ZZ7-xy8_4vV_-05p_sp9ehEUiekH_QA==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Thu, 06 Jan 2022 05:12:05 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: wxgvUTT+2J6EyhKaCx7mTdMThNnUbQWUC3OTJkd9/dczbqqcScFXVBRP/InFdynk/em38ozCizw=
server-timing: cfL4;desc="?proto=QUIC&rtt=7803&min_rtt=5881&rtt_var=712&sent=2190&recv=312&lost=0&retrans=0&sent_bytes=2530887&recv_bytes=41044&delivery_rate=77595212&cwnd=817200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2341&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-request-id: PAN0PHWMM8KE1MB5
cf-ray: 8ebf49437b2c9143-FRA
accept-ranges: bytes
content-length: 50264
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 PGSoft-mahjong-ways_square_1024.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 43 KB
44 KB 21ms
20ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/PGSoft-mahjong-ways_square_1024.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21c942faed198cd9a9216addee5cfb2f3b51c1a25fdf645395a7dfe931a13301

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: bcmSOaJGIoTA09H6qq1wy1hPWo8vPqv.
etag: "ce5fecada4f567f5c889f0f070a28ffb"
age: 3119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TnezudZM2qXXB9zkUu%2BX5LUEcD6TEadDAcrFUB%2BGNk7Rh0BsPMf2x7kYURO%2FTvAlOG%2BG4dWlQckdXKnlUzhpOM%2F1TrElUq65nE3tRX0cO7Bfx8XBjjoIAoTjHEKPDr8KjHolxcAru%2BdoIkC68Jj0ivxBgq6%2FJdY3"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: BbxznW-2Sio6FPxPJ6YioHlPedKTNm2NPVy9ALwqDX-AQ_SKha7KkA==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Thu, 06 Jan 2022 05:11:55 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: 6C0JBBtN13sd6YY7rk4+xETL7jNtoJ0nItQrtg8DQIW4zYrIHRLiaLfQG7MCYRwppjR+9/g1k2M=
server-timing: cfL4;desc="?proto=QUIC&rtt=7803&min_rtt=5881&rtt_var=712&sent=2118&recv=312&lost=0&retrans=0&sent_bytes=2447163&recv_bytes=41044&delivery_rate=77595212&cwnd=817200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2340&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 87fae571c6ea0d7d1101b71cc2131bba.cloudfront.net (CloudFront)
x-amz-request-id: 1ZKZMHPQ02QRMP7E
cf-ray: 8ebf49437b2d9143-FRA
accept-ranges: bytes
content-length: 43762
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 PGSoft-mahjong-ways2_square_1024.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 79 KB
80 KB 19ms
18ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/PGSoft-mahjong-ways2_square_1024.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85e15c884596d8df098b93675777926db0c12ac6f92ec18086a796adc0c71160

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
x-amz-version-id: PnLZLbWLYwkY3xqNbdJ0_aQNJHA6d2nw
etag: "97297a8762ea1aeaa6342fe910d45135"
age: 3119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IndE3qf%2FWLjM%2FaAMm1KxnuJ4H9BgzVcif%2Fjr9HYM2ZX0aWrgSSO6k0RoYabBG5YZhq7YY0N6AJ8lhNlPJ7%2Fq4WPvTVsvWg1ye%2FMYI7VoWRgySxGe5GNBYc5JfOXgJaZMmmEzt0wg9As3X%2FrokJz40E8wdVHAbLWd"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: QY17MUgzXE6R3GGMOeSDA90yaJLArjP3LQFBXrJofN6RrvyKfY-VVA==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Thu, 06 Jan 2022 05:11:50 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: /ESfWtk0rQRckMviCU+4pRYvKZSvw+Ffs844/7jZAfaA27c6tIcpbahUDtTKmNnobn1n1ngOI251TrgOqyr0e5QB8u3HZ4vQXC6GViPyptg=
server-timing: cfL4;desc="?proto=QUIC&rtt=7803&min_rtt=5881&rtt_var=712&sent=2020&recv=312&lost=0&retrans=0&sent_bytes=2332617&recv_bytes=41044&delivery_rate=77595212&cwnd=817200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2339&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-request-id: Q1KBWKY44GYKK3E0
cf-ray: 8ebf49437b2e9143-FRA
accept-ranges: bytes
content-length: 81166
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 PP-vs20olympx.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 10 KB
11 KB 27ms
26ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/PP-vs20olympx.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3726d19330ad3423d8138819ca0f692295ebe4877a51307bc091e8bf142142d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "49b68fda6c37b3d423269c36597a0cce"
x-amz-version-id: kX7V.85FN_Tz5CQKiY0izXN6dVLFQqEr
age: 3119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kdlPIp3dOZaxK1zRVopN4n9ECTXyx4LPW64xzOlHjMz6bcVibRdbXPwcyc91BTXTAGcIckRlFpiR3BXQ7oucB89ntI1uCxj27M9d82K%2FojXMYTnVT5oSFEfHT4WLuZKBYjdjSoTKI3TsCtsJYOnnl%2B21G8T1RmB5"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: oVUk8JfFOQZHQs2Zw3yXCoPTu5LN0kSiGPPeP2yq9z8zMPgLeg6kMw==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Thu, 28 Mar 2024 04:03:32 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: MhnTWGi5SJOCXpZaearLtsMe2VibvK9Wvmd9hUtBKJ/RUSRDh1V218i9x4vw0LvhwcmisJu+wkcF6URTTUDchO+lWmSY57yqi6eJ9bXa8BA=
server-timing: cfL4;desc="?proto=QUIC&rtt=7803&min_rtt=5881&rtt_var=712&sent=2168&recv=312&lost=0&retrans=0&sent_bytes=2505582&recv_bytes=41044&delivery_rate=77595212&cwnd=817200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2340&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 3a52599b74209adc8297b59f7eaa4bce.cloudfront.net (CloudFront)
x-amz-request-id: STGJ1JBHM9PHYGMN
cf-ray: 8ebf49437b2f9143-FRA
accept-ranges: bytes
content-length: 10454
x-amz-cf-pop: FRA56-P9
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 vs-kakekzeus.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 12 KB
13 KB 26ms
25ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/vs-kakekzeus.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce55503de60d5add9600d4add9c6a8a2bdf8543fec82c6b537ec07100356be7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "a9edb77bf59c94532cf2233e2d490ba2"
x-amz-version-id: UT1sTtp9_qPzn2QuWvgL77SXcg15BDPG
age: 3120
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0acBb5Fu1XYnqBcFTpBhzm9Cx4LrNbajbMCN8Uv4dHAVUMtqsBEruAPheMy5lSLvq3Uhh9OB3gH3Shg4CapH%2F3cdRTAXk25wKDD6I5ZhZmx%2FSEym3%2FAw7LG%2BEV3wRzwzlD7Nooe%2BGL%2BqQ7wAlOEFhtZ84kqWVK%2Fs"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: z_hpvFb0TIfnk0QSb5ic33tshe-avzqOTYlhvfihAQBuzhmNzHZkfQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: image/webp
last-modified: Thu, 28 Mar 2024 11:27:46 GMT
x-amz-meta-sha256: ce55503de60d5add9600d4add9c6a8a2bdf8543fec82c6b537ec07100356be7d
priority: u=3,i
x-amz-id-2: 4oPZqBtl+TDUXtK6vYfaJS9jxGRO4xGRwHXHG9H7+6WPCQIu+puD/V2q63NhxOfQqBm23M55onk=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=7803&min_rtt=5881&rtt_var=712&sent=2168&recv=312&lost=0&retrans=0&sent_bytes=2505582&recv_bytes=41044&delivery_rate=77595212&cwnd=817200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2340&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20240328T112739Z
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-request-id: 174NARXE78VZBC7B
cf-ray: 8ebf49437b309143-FRA
accept-ranges: bytes
content-length: 12054
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 PP-vs20starlightx.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 11 KB
12 KB 30ms
30ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/PP-vs20starlightx.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cda4a9fab1778d8757e18298e8333f48252eed2d4bb2475bbd2b0b860b30206e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "981e80e370104a636dbf0fa1c50c5b9b"
x-amz-version-id: 14v0GoImXqce4UGoGY0EmgLYBN1.Q1if
age: 3119
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pXoi8pglLOA5acOIWszl6y0JQThUTFaF0qnNaxqtH0s7Cf%2Bd9sPPImzLgRxFnmgUP7JUuWQBDInqgueGldu%2FWnezdgTaF86xSaN86PXQEjtRxUcyzjHA%2BdZcdEfSt0dzAHYxkfNCDa4cd1naUzDcfDy0fI6%2BrzdQ"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: C6oa7hUVoBjx4_Wo8TwkNd0tbnk7ZyZhMBieoOXZJOKzJkfp9FQz7Q==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Thu, 28 Mar 2024 04:03:45 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: 5He0fm385u73y4yjf8bBiqyt/UpSMTpFM8UIDKY/ZuJEvDjmtkqa0ldhozgjENMeedlWDssnvFh100dfQ/NVeTrl/MsecTMqr7PXJ5DQ4vo=
server-timing: cfL4;desc="?proto=QUIC&rtt=7571&min_rtt=5881&rtt_var=998&sent=2234&recv=313&lost=0&retrans=0&sent_bytes=2583388&recv_bytes=41089&delivery_rate=3350&cwnd=817200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2342&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-request-id: 6W64EDCE5FJRPAX3
cf-ray: 8ebf49437b319143-FRA
accept-ranges: bytes
content-length: 11110
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 AG-Togel.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 206 KB
208 KB 28ms
28ms Image
image/webp 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/AG-Togel.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af83b7ee7cfb61946d7eb6ba91e880ba5b8ff9d6ed83ecb04823462c000d8229

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "20c6b76ae7eeb5a48928334f4fa1c600"
x-amz-version-id: QjWjguZGg8.uThJV6S.eBqgytmzn_GaH
age: 1597
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YrXLEKPaBVe06mzNA99%2BYK2KLvOozA%2F4VEUnXn9zEXpAnubAHMsyLRRp%2BC%2BciBYE%2BAYZdTa8sThxSWUi81SdQEOZv3ykrNUzwD1WDq8tvkBrObJy2kmMXel%2Fcf41hCbIRfnGcGkMc8qi%2BFmQ1FwDEBZQZhFxYN28"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: bcGcQNvfcrV25rbFcyNFG05m_qcpd8j36gX7CYv00VnnAnRUZ3XUfQ==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: image/webp
last-modified: Tue, 26 Sep 2023 11:09:27 GMT
x-amz-meta-sha256: af83b7ee7cfb61946d7eb6ba91e880ba5b8ff9d6ed83ecb04823462c000d8229
priority: u=3,i
x-amz-id-2: 1PgLYSoYCBTxoiHhYV3ELiczU44H1pTm0K781upQxnnc9ABQvlMpet4Gqseue7SDTVt6vEQOiS0=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=7571&min_rtt=5881&rtt_var=998&sent=2245&recv=313&lost=0&retrans=0&sent_bytes=2595856&recv_bytes=41089&delivery_rate=3350&cwnd=817200&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2343&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20230926T110713Z
via: 1.1 f5af2731a86629973e69564f824d95be.cloudfront.net (CloudFront)
x-amz-request-id: JMPZ6WWZ8MH0NPP5
cf-ray: 8ebf49437b329143-FRA
accept-ranges: bytes
content-length: 211354
x-amz-cf-pop: FRA56-P9
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 money_icon.webp
hiewr.h85cndf2moxnwjz.com/common/landing/t1/ 1 KB
3 KB 15ms
15ms Image
binary/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/landing/t1/money_icon.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8930578dabc0833a4e15b53695cade966bd55a91f8e909ceecbfcc012d897e8d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "6452b400df4b66585e2d8c7c6519750d"
x-amz-version-id: K9D1UGiqvpluc.bpWjHA41Dp9.jJTAuS
age: 234586
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNKOzdvFx3Q31gNg9gWXfMFKuDwmcWNUOGV7eYWRHAWEUGxwM3QKA7yV0IIgBLjsJoX%2FUk3Y66BQH3SNk3cfRg0HwAnqRIGqrtfgso2ePGfcKsjBFtyR2aaJ%2Fs3ggaRPQQyZ3goofZMGIPQRDhSx%2FIywBhQshj5d"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: SHm23KcXR-H1-B-ErGEtpO7YVaU5BVrxVh52-CYBOHSejeT4NuxP4Q==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: binary/octet-stream
last-modified: Tue, 09 Feb 2021 19:58:25 GMT
x-amz-meta-sha256: 8930578dabc0833a4e15b53695cade966bd55a91f8e909ceecbfcc012d897e8d
priority: u=3,i
x-amz-id-2: krOUAP24Ghly/+Y68OJFlFVuGgj2j673K8Bezvj2CnxvgeBqLcqfNLdxZhqn2LrAtmVLyxWMhUVN57LsOTZvAfNHfPoOXnAmXVAXFeJon0g=
vary: Accept-Encoding
server-timing: cfL4;desc="?proto=QUIC&rtt=9295&min_rtt=5881&rtt_var=3949&sent=2497&recv=381&lost=67&retrans=67&sent_bytes=2892487&recv_bytes=45204&delivery_rate=8893148&cwnd=572040&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2375&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=604800
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-meta-s3b-last-modified: 20210204T071844Z
via: 1.1 5b21c56dde1a436b4b6766d2406627d2.cloudfront.net (CloudFront)
x-amz-request-id: 92FV4TYEK9R7ZKTQ
cf-ray: 8ebf4943bb4b9143-FRA
accept-ranges: bytes
content-length: 1532
x-amz-cf-pop: FRA60-P4
server: cloudflare

GET
H3 200 PGSoft-35_152_GladiatorsGlory.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 8 KB
9 KB 17ms
17ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/PGSoft-35_152_GladiatorsGlory.webp?v=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 81132e4d8566a6425c5231c1d92ebcf53764860f5518806dfddc1d12e96dea01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "c9e4435af9840752152f7d01508273e9"
x-amz-version-id: pvM.eAfpIMkCR8C_l2R3Q.dmaLcZJgoZ
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S93X8g0SaKrCtCVNHJQCXojEwHJJlZ8DTfUlYUGRLnktgcFCAQzMx8fYWX8ymoBplRBcJsXqDKgO%2BzG3K2Esv7hGd5QgKz4K1zd8MYTQ9mZbCjZl3y%2FlpA5fnn4c14Kp6VH7txcZ4PNvtDSK3Nl3jFOVYR5ahZrf"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: 8MJaucRgTPd9NQ6J1KPYB4fgaKTpglLR2H9MfA2wG4r5_dHL3nl5xw==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Thu, 23 Nov 2023 03:34:29 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: X4bSZayi8s9ck1v+NTtZxFGTPLmuWT5xndmImgeRFATKbAdw4o42DpxVUNFli9QjdqV77DKlVwM=
server-timing: cfL4;desc="?proto=QUIC&rtt=9295&min_rtt=5881&rtt_var=3949&sent=2512&recv=381&lost=67&retrans=67&sent_bytes=2908534&recv_bytes=45204&delivery_rate=8893148&cwnd=572040&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2377&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 7bf0fe9eca07efaffe6363062053f386.cloudfront.net (CloudFront)
x-amz-request-id: V65NJPQDB0DCW2QJ
cf-ray: 8ebf4943bb4d9143-FRA
accept-ranges: bytes
content-length: 7732
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H3 200 PP-vs20fruitswx.webp
hiewr.h85cndf2moxnwjz.com/common/game.thumb/ 12 KB
13 KB 15ms
15ms Image
application/octet-stream 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hiewr.h85cndf2moxnwjz.com/common/game.thumb/PP-vs20fruitswx.webp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2cad37623f24a42f3fc2535dda07f8c87a143edebbbd438defd55c793edfc82

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cf-cache-status: HIT
etag: "ccfcaaba101768510a2ff485cad5bb3e"
x-amz-version-id: N1TxezvYl5rCj_MYKkrlxx1T2D2bn8DR
age: 7178
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xo%2FYPWAqZtvZVmaXv9Arcz0XvhGfa7CNBjpgq34C%2Bmqj%2FkD%2Bt6Y5X4yH3GDQqJp%2FU2uqsBeQ7QpsPw%2F9kXk%2FiKEVPgz324%2BX9VByJ3ljrGKEzzf42v2ITIX%2FB7Zvs2PNJErdNWxtEdoMto7dDahFyzCWW5tQERJ4"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
x-cache: Miss from cloudfront
x-amz-cf-id: nnqiXcg3mnZCiPyc_ZtGJ5_jFSvKG5uH6X-cRf1IZ_Er4v8iA-NYSg==
date: Tue, 03 Dec 2024 00:02:08 GMT
content-type: application/octet-stream
last-modified: Fri, 24 May 2024 05:03:45 GMT
vary: Accept-Encoding
priority: u=3,i
x-amz-id-2: kr+A6+kfsNZKqPtHLZ/9AOOBWRAI+woYRIoekZtnB2/yflIMDceeGeqEpF8bpq3bKVUjDKt3P4EyM4EsCmO90tuTQc2dxZfsZQkypOywkXM=
server-timing: cfL4;desc="?proto=QUIC&rtt=9295&min_rtt=5881&rtt_var=3949&sent=2500&recv=381&lost=67&retrans=67&sent_bytes=2895231&recv_bytes=45204&delivery_rate=8893148&cwnd=572040&unsent_bytes=0&cid=3f34c4c516c6b97d&ts=2376&x=1", cfExtPri, cfHdrFlush;dur=0
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
via: 1.1 8b360b28aeb67c1982fcc466a05eef02.cloudfront.net (CloudFront)
x-amz-request-id: PPBAJX6MHV54HSJD
cf-ray: 8ebf4943bb509143-FRA
accept-ranges: bytes
content-length: 11912
x-amz-cf-pop: FRA60-P4
server: cloudflare
x-amz-server-side-encryption: AES256

GET
H2 200 gameProvByGameType Show response
www.aryagames.com/member/api/common/ 3 KB
659 B 516ms
272ms Fetch
application/json 2606:4700:10::ac43:69a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.aryagames.com/member/api/common/gameProvByGameType?gameType=LIVE&brandCode=0000007
Requested by: Host: ori-win.xyz
URL: https://ori-win.xyz/static/js/client.3bf36311.chunk.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:69a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 05a66710be482789d9b803bd3520d685ea88d9002a394121efc6f987e31ddb6d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: application/json
Referer: https://ori-win.xyz/

Response headers

x-correlation-id: 0HN8D0I4N3K5A:00000001
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8ebf49454a71d3c1-FRA
access-control-allow-origin: *
date: Tue, 03 Dec 2024 00:02:09 GMT
content-type: application/json
x-powered-by: ASP.NET
server: cloudflare

GET
H2 200 get_configuration Show response
api.livechatinc.com/v3.4/customer/action/ 7 KB
2 KB 229ms
229ms Script
application/javascript 2.16.204.97
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=73133575-6ca3-49c0-a0bf-a8ac41dd134d&version=1251.0.1.100.25.147.69.1.1.100.1.6.1&group_id=0&jsonp=__lc_static_config
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.204.97 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-204-97.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 74d1cfdf8af422ca5bed16b4fba587e6390e5cb2960de556af0eab08f70ff732

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
cross-origin-resource-policy: cross-origin
deprecation: 2024-11-30
expires: Tue, 03 Dec 2024 00:12:09 GMT
content-length: 2189
date: Tue, 03 Dec 2024 00:02:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding

GET
H/1.1 200
OK open_chat
secure.livechatinc.com/customer/action/ Frame 149F 0
0 602ms
439ms Document
text/html 2.16.204.81
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.livechatinc.com/customer/action/open_chat?license_id=13163658&group=0&embedded=1&widget_version=3&unique_groups=0&use_parent_storage=1
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.204.81 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-204-81.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://ori-win.xyz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Length: 774
Content-Type: text/html; charset=utf-8
Date: Tue, 03 Dec 2024 00:02:09 GMT
Vary: Accept-Encoding
cross-origin-resource-policy: cross-origin

GET
H2 200 get_localization Show response
api.livechatinc.com/v3.4/customer/action/ 12 KB
4 KB 555ms
555ms Script
application/javascript 2.16.204.97
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=73133575-6ca3-49c0-a0bf-a8ac41dd134d&version=d41d8cd98f00b204e9800998ecf8427e_4d9803809b7db0fcc50053233278fdaf&language=id&group_id=0&jsonp=__lc_localization
Requested by: Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.204.97 Hamburg, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-204-97.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e6e1089077d4f6f946deeea3b56488e8cda31210edf4c35d11c4f6506205d8f9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cache-control: public, max-age=600
content-encoding: gzip
cross-origin-resource-policy: cross-origin
deprecation: 2024-11-30
expires: Tue, 03 Dec 2024 00:12:09 GMT
content-length: 4282
date: Tue, 03 Dec 2024 00:02:09 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding

GET
H2 200 71a09e362ef53868cac51ff735e04fa2.png
cdn.livechat-files.com/api/file/lc/main/13163658/0/ec/ 8 KB
8 KB 79ms
58ms Image
image/png 2.16.1.171
AKAMAI-ASN1 Akama...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.livechat-files.com/api/file/lc/main/13163658/0/ec/71a09e362ef53868cac51ff735e04fa2.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.1.171 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS: a2-16-1-171.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 72556524c9dbe32a665ec9a8621cb11b88f02672f05d46524c0b41dcad25496b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cache-control: private, max-age=28831
access-control-allow-origin: *
content-length: 8342
date: Tue, 03 Dec 2024 00:02:10 GMT
content-type: image/png

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 14ms
14ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XSCBCQCVWJ&gtm=45je4bk0v9172504672za200&_p=1733184126198&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1699786867.1733184126&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1733184126&sct=1&seg=0&dl=https%3A%2F%2Fori-win.xyz%2F&dt=ORIBET%20%3A%20Situs%20Game%20Online%20Gacor%20Deposit%20QRIS%201%20Detik%20Langsung%20Masuk&en=scroll&epn.percent_scrolled=90&_et=4&tfd=5936
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XSCBCQCVWJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://ori-win.xyz/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://ori-win.xyz
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 03 Dec 2024 00:02:11 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.accounts.livechatinc.com/v2/customer/token	1970-01-21 11:02:24	Name: __lc_cid Value: 6162a26a-2826-42e2-9fdc-5d699d7a586f
.accounts.livechatinc.com/v2/customer/token	1970-01-21 11:02:24	Name: __lc_cst Value: 43ac7f7e02270c66494f3c6f4ed804cae4704e0017123278b99065d5616e00887114b709afb4bf1a2ca3bd897d9f2da19c4bdb688b1f73d4e9b747fbdf80
.accounts.livechatinc.com/customer/token	1970-01-21 11:02:24	Name: __lc_cid Value: 6162a26a-2826-42e2-9fdc-5d699d7a586f
.accounts.livechatinc.com/customer/token	1970-01-21 11:02:24	Name: __lc_cst Value: 43ac7f7e02270c66494f3c6f4ed804cae4704e0017123278b99065d5616e00887114b709afb4bf1a2ca3bd897d9f2da19c4bdb688b1f73d4e9b747fbdf80
ori-win.xyz/	1970-01-21 10:12:00	Name: HstCfa4819056 Value: 1733184126340
ori-win.xyz/	1970-01-21 10:12:00	Name: HstCla4819056 Value: 1733184126340
ori-win.xyz/	1970-01-21 10:12:00	Name: HstCmu4819056 Value: 1733184126340
ori-win.xyz/	1970-01-21 10:12:00	Name: HstPn4819056 Value: 1
ori-win.xyz/	1970-01-21 10:12:00	Name: HstPt4819056 Value: 1
ori-win.xyz/	1970-01-21 10:12:00	Name: HstCnv4819056 Value: 1
ori-win.xyz/	1970-01-21 10:12:00	Name: HstCns4819056 Value: 1
.ori-win.xyz/	1970-01-21 11:02:24	Name: _ga Value: GA1.1.1699786867.1733184126
.ori-win.xyz/	1970-01-21 11:02:24	Name: _ga_XSCBCQCVWJ Value: GS1.1.1733184126.1.0.1733184126.0.0.0
accounts.livechatinc.com/	1970-01-21 01:26:24	Name: __oauth_redirect_detector Value: counter=1&t=1733184160&tag=05332375cba83648af984f396c3d6c412c39b2a1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=2592000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.livechatinc.com
cdn.livechat-files.com
cdn.livechatinc.com
hiewr.h85cndf2moxnwjz.com
link-ori.icu
ori-resmi.xyz
ori-win.xyz
region1.google-analytics.com
s10.histats.com
s4.histats.com
secure.livechatinc.com
sohogroupblog.files.wordpress.com
sohogroupblog.wordpress.com
www.aryagames.com
www.googletagmanager.com
149.56.240.31
192.0.72.23
192.0.78.13
2.16.1.171
2.16.204.81
2.16.204.97
2001:4860:4802:32::36
2606:4700:10::ac43:69a
2606:4700:3031::6815:2f89
2606:4700:3034::ac43:8940
2606:4700:3035::6815:561c
2a00:1450:4001:81d::2008
2a06:98c1:3121::3
46.105.201.240
0077e95f870ea403c2c57eb6b1344425240dbaa97d1162602c07d3c484071c80
0083c6c95c49084f06e7d620057482e32d8598398972fa3816d9adf640ca21ff
00e503e2f77a11f33b7c41b52e6ed754098f286570c091db5a6651ba8db074a6
015b1def988ad795f7eecbe66e1a909b2f66a0817f6888e165bdc46220b5df64
01b4e7a8f9ee4d3ed9081b86221aecd2534d99d692339f38843ff0ca7cc654a3
03f9cd544e2f6a51185fe9d8b6a2238edb139164f7cd11821d82fa3df9b64209
05a66710be482789d9b803bd3520d685ea88d9002a394121efc6f987e31ddb6d
067f8fa4cb603d1e0ea5b06ffab34c33e5f43c05c7ee0fa51e1562a3ca264ca4
0991fecd13807552539382af8cc902772d6496f16995d6ccb06f7a5a702bb2c6
0a4df4278901d4e06200be238f3cec721812be9c6ecd7594b3ae6d413f773773
0c23576fa12eb371e1a446fe96fdbca81ca6eb7fbd9a371def2e15751c0cd6d5
0c290a963e4df6a09fb7cf008c45f88dc20375906dacdf480dcd19bf7ac2e840
0d87d8bcd80e96f4babf1480e3d27c8b3857ef4899645b478c3a54afa978877b
0f12a5877e88f3815862421497a5195fb45bf6bbc9d52dada608b33c69d08975
0ffe4a7802db8a5d6dbabf428399dab6047ed94e57c12efae70603f40682a12e
11916306f8becddb6127697b45961a4736791db5ac8c3a668ccf7349f6d4e90a
123dba3cb2c7d68a6bc6d500fe9e35c1319164879d5f8c133ac42d66996b0a3c
138e16e5f90b6ae4fb9ab0d4f313c46296d52f9929e3d8a3eeedc277f001c04a
13ceb858e0c9cb7461f930f8e6d4502d398b5c56cd5a0b1b64f793354e0818ce
14d70f3198f5edf76a86ad92a256dd486dc1fa3754d8c82daccff00cddb4aa16
15a990f5bd1fd37ec7f1fb86d62bcdf39cdebebd6870bfcd8fd7000174ec1d47
18ccaceaf76a9575d644290053bc745638e239b304f504aa7a57904fc50d6d7f
1a58806ce1f660ef08e3098a885d27f5693229da9426a49d004c0a0babbecaee
1aa3598e3effa3c9be12f72b0b383b47e0b86c5e284a1d8fd204b131af1d9717
1b54cb082d6cb59a14f845fecd9ff1e703e6b78ec8ec78e6083412ba138f0bbf
1b91ff924cfb0ab57b29660e3364ce37584754b6dd1f2218f90df02d0e5ae88c
1cdb52253328f168eb318a46db0a6d2b1adb3c383de2e80d0a4c993993348621
1d7ce374d0f1d1b27b283d563f746d78557127e254cf244f2ac76902b202e202
21c942faed198cd9a9216addee5cfb2f3b51c1a25fdf645395a7dfe931a13301
22a0f8c0c0f566641793329c2fee495d2b86f776080a452c8dcd83215242362b
255df51c64fad60b79af3fdad5cd3bf383b5efa6b7c647eeef9702d170356357
25ff61a60b8c94e9b6bf71b4783fe15f54d772dcd9789c588d79abc11a75b15d
2ad57206f8aa83dca703e98a0b3162411ec9eeb958131a4c066474826c4690c6
2af30b1ff3e3eead97a09c08609e1e573eb131f06c1c43589e27bf85dcfaa693
2b18387eb855250db07f02fb6db90e2902d9ea0d048463c9e87b025bbe569856
2bda27feb2e97b82403952356a3fc1c5a8cac1be0acde46063d6277958ea8a41
2c9bc0c723af88f8d6d3c8de2bd56660ce41577d15488d89f83a657ca5f5e0fa
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
3098c0ab9b5725056159402227098464203155f347c72b5dbaa3410957fabe0e
32bfff58cb190636b8353c5b7261385117157069def7cf28fb10f9e676f1515d
34b048ef8224ea0c369e72bad77578c9f0543cfb03266ae85898c48925aa0eee
34d1ae69b231d46ff6beed320d6446e8228347e62331fb19147a1b536596a3f3
36e72519e4de23f8499afcc777331149f317f500f6bb63f0dc0811770a266d94
37dde6594148d8f14366fc3320a27fc54b2e50785e5a289527b639c7112adbf2
39dff364559118cbce1e41e703a30ba1ce9774dae390d892f6a38c0edf138a97
39ef149702216bc74c0ecdbd060d9cd94f5e9a87a0f84ed6c19cb1065ac544fd
3a2132cd3cc9812cd4c9d65da701d1c528b2915539cad84b28533f7bd197af8b
3a2c352b5480c07b497551620488c18c515b07dc6b758bd21312136d7b300d9c
3aa9c1749676dd3fc6fea658ab0e94c443c5b98802238077cefba540d9818cc2
3ac92162c0a4e45d4fcbae2db7a4c5114762a2b19493be39feb58387caee555c
3c7d4a77b37587c2a9fa3df8902a068bf78b2faff39d083487621dd2a916b05f
3d0cd0aea6f713f0e18b9223038801a8e418f8a97222c177108f042a66dba5be
3d480dce05c372fd938ca42166d567638f93a6b601f8d9ab635698e0e5c94901
3e64579c39ffca5c6f4ef84e4381dcf4274aef5c665a638efdaed29c32c85243
3fcbba9d341378b70cecb70da8046aca390461d6d45ea0c6aa1f40b9d3ede521
3fe35a6e268819a720f6fcbc20bcd6e75efdbadf471ce0ebc298668f21a56c4a
419ec7254d45f8e6d467ea8296a0b9d35d02b94bc4d50cc072470c6ba7ed0fa6
44800009fb1c29e8b59853d73d939d8b2969a1f1676274b2275ebc4777c8f0ad
462fc9b25635deecc13e8fe284850026e76270caaf4d286a1a29e66a39c64bbe
46dacfb706a88589b6e3a656be995f9f1f90acef5360b84af1df9c56b0656b27
4bb64a5c8df4bf52df1cce0316c90ffe13e89451267def9f063af196638dc5a5
4d3aef05f8badb802b9c0271030508e3d320da3186a1bad7b1ec866d45954acd
4d55141a381fb3c6a5225409782561a0d3f77de214b0cbc7ddf6023224a06bfe
5016a9bc54b4e59bb1c2cefedb72f63345ceb0b03d92b8230032c9ba42a6b2d7
50296bb423732ce82c23fa1ff372b167ddc8ff66eb2e4883e1785a89c98dd78b
51058461d22f260c99bc5b6913d17dc3591f4fa22c82e70ed1320635b13c43c6
5108eca87fa490d07ad70c4ee9413ccce8dcc564e6a2863f403fa833a01cbefc
55787b9e228ff1fdc5c9fd2deec594916976ee92eb0a6d6362ffa0331cf99d36
5643a908eb92d1b684116ab41d4abc4afe22be3b667118568772d290bdf98393
5677d70ff3f3dc4a2d717bee990ed7193d0d620d9718d2d44af8721b3f315e56
57286ac38494a319cf8ab7f6e5dc6e18bc71306ac56b2224d3e7ef0acbb6144b
580e062b7be2445352ea7481541595c03c3b075a89e79a2f392d27f288b9bb1b
588a427fef176556f36f4ec84ce3dec509be1276c6c0b3085ab39a4c32d75745
59811a4c1b47f1ad7212a4883814f6808419592d56f76f8ee69131ef591ab3a8
5a033eb003735dea9aeb9d88aeaefd78b13120ce83d1c56a6106acd96164c64d
5a44dfe14c831a16b8d5835ee62f4a5afd4f435e09c095af6892c896968bdf29
5a9b8b98f8951a4eb9ea7c6bfe906c8ef15265ac2add2a697a276ef1ce96bf35
5af69df4d101993816907149c7bdeadf8fc41ba166d2523a3df26bce131d9544
5b1d3df30ca74769cc4e3178fb5ad8b702361f218ea81dd1492c244a31d3ad18
5b35698d5f191b55d85cd010c78092c48f6d1a150d5576275ca510876c966ff4
5e6edfeb9f53de5c3e3be17b587ebd4b5ea8504fb38ba92be9271c7a6945bb03
5f840c21ed3d02f73150092882759761a3a8edd84cbc362fba87aae48f920a41
61bed2b3d6f7e7c9422e3ca4161424794870b3514050ee5c38d8df91bbd1f933
64b68e68256a6c2d9c48bb76e49e1dbb4710b2c7a510ab5c42c81e5e1d1bb107
6616845413c55ce97d7594030133cc49c73eea34c11dffffb3bf2ef827d8629d
66937c6fc0d62bc7d46b2b076e190e8ae1bcd888de971107c6882d7c71d9b446
681c648bccc2a4d05bef5f91a75e2407a6cc77930a9120d63efc88316355cf6e
6840e95190c6062f4a77ff0d889275372da01bad41eed0d97e0390ef9e14c36c
696e8f5e4a64889469b9b1f259c08502e1b376aea17246b08691f5062177386b
6a20f2e3e22472e04cf7de1ae0a46035834b606c0d47370448eaafc65678a020
6b7f0edfe5f70b8f10f7b0f0508514b4b5c7a90ff4bea9f290dd9e71730382d3
6d07e18fdf295cc8ccdb84c64356ffb8caebb54d83285e95e7ee59af8228075b
6ef80c471adeeb08dd54fba1693450c80f6fad9012c5005c5fcbe44f376c8631
71271c28cfbe0a4ec260818ffbfddecf4632887d58b9fc09ae734ec694c14188
72556524c9dbe32a665ec9a8621cb11b88f02672f05d46524c0b41dcad25496b
73aafa0154205437f17a6e71d38bd7e4738c21ff5032f8e66f857bdaab1f07a9
749b0ca6b0318046e3344ae2e6441aa73b0732073bc6a12e83c5ced3adc77ad8
74d1cfdf8af422ca5bed16b4fba587e6390e5cb2960de556af0eab08f70ff732
7b4878cb83bbe8789bd99729e89c8f749f667d611998facdc8555443aa02347d
7b8713d7f9dba4b3cbafaaab55ba11e28312187ad4ede6941decec31e2e80275
7be9186cd1096f900b9e35643ab0ff3d6811bd91d48137c746bc69441a34e279
7c781eedd768faf584e1ab6238f08facf26e7d12a0a5491b1f53b5ac884c7be1
7d5003d856d36762de392e349596f6a418fe621dc9bc261a9b2239fa8c1166cc
7f803e41ecf56b105df265b998600474236ac5042767c3f9df1723e089c11c64
81132e4d8566a6425c5231c1d92ebcf53764860f5518806dfddc1d12e96dea01
8179196dfe53174e17de7188632a1d5ae8369abb2290d02dc417d2aa8772d531
81efa3d9f0b2999a64c52f2efa9e425cff1a2d4e887be0f97267a8035ed204ca
85e15c884596d8df098b93675777926db0c12ac6f92ec18086a796adc0c71160
865377def79c09d847783482c5448fa2eefedf13862142950e3b8b1ec19d947e
8701fd8c6a477d349d95cde44050768bf55eaedfadde6841d40411846a58359a
8930578dabc0833a4e15b53695cade966bd55a91f8e909ceecbfcc012d897e8d
8a6f815b845b3e9582c26fae94d6d272e977ecca4b38d08713a88264380e84df
8af7bd5b545567adffb3dfceb5bedb353a522d7bf1b3a2b8af7b6064156babc0
8c924919361c5035ed59ede91ca97ebff1c00eba99b7aae914cb134c8cac4ccd
8d592e98948c6984ebfb3cee9c4050e9077db8dbd7caabf9e24f2f82c0ddcfb7
8e5edcd24ccfc683f6935ab1d2e400585c1e15408321e41eb56f3833e56f207c
8ff0e1b2d22d179fb1138b0e5bf5487a2fe305ffa59adaa92f9329e0c49aac97
917010e5a384075efe1d65a3fe874eeaf78d76edd9b774354deb9278c31b2402
91fccc17e280698c2ec6a8333f13ca0bef469b716a70824b631c1cf0a3c4f05b
922a930f5046637f4f512a7b90262d593b96287c17933131bf16a32e73a6a7d2
92e544478afb60af3d77e3c9bbf273c6164c3e18341e277b253c00b9383ec691
94d41f98e2635acf4253b9c83f5b42ea6da94c164ab6b04c40bfe30b7fcb1b49
9925646b5e7075ea0b6bda99e7f4cc6e5cd73d40f086d049801bf94ae0c8edb8
99abeb3d8b86c6c104e64951a9eee2331384eba0cf357a9de2c063e15e6361bf
99ed8c1182ebad9cfd751a5d57cb56abe8bb11ea8c5aab1f51ce7a929eb09dca
9a00500058052923399644ddd83d3301de72160fc2480780b382619b91cb2c63
9be70928f47f4545656a3f3f787ebb2877b189129ad475fc970d7a029decaaeb
9c84e6c3a1c6b0a22b4b5d0e7ea50adbc15230fa551eea8f2af7a0aaa6bd709e
9cdf2ab86eaefcc9b040830a2ed1f93d5f5ead25fb142dfd7c3fbe209ba342ce
a03ba53781c3f8679beec49211b83c3c6b0ef258465d4ad7c984d87861f072e5
a1eeba10f1b384ec936830cb772cf211747d696176152cccd4a12a485cb1c1d2
a3726d19330ad3423d8138819ca0f692295ebe4877a51307bc091e8bf142142d
a5e1f39b07081f848e2019192a4ed627178fdb5b4712718f3a9d6f983408c027
a64ebc3cc41719048b05d570f4fe8c378382bd95ca045458ea25f5bbc3413de5
a9326398ea393475189641edb97e55a2dae5220268137d9047e6a5dfc846b9f2
a96ecef95e23b0366d5e75fe3d47932f08ef36f409ce68507b806224430db6a4
a9ecd16ca55e87719d5d8a7b43cd08adffec5bfb2b90e6c142c7222d71e6ba70
aae0a0235dd8fb6c1c13364b5475485bb1b6663b5e6cdd3346fa3a82b9c8f2b9
ac0433e35415eeb4d6744a73684a281f92962c53f400acba5122009321f1355e
af83b7ee7cfb61946d7eb6ba91e880ba5b8ff9d6ed83ecb04823462c000d8229
b1597e1e49afe76491fa2405353ab0eace948272d279db7e0ec7cb5468cee007
b16fa618e93e024f3aa25b078d7872fff62fff8d55b467975367a1b05b01c9ac
b311d7f128fc60a7773d710d581f5f8d9352cfaeed74fa14470e492a6e2b6ce5
b596f1c31c496c78ba2653dc01065eb76d0c7fda5595f9363e6abe36ce1f6e67
b5d1ba0f05b8ffa85aeb278482c80055742a57507b523459ea52d1b4ddbca536
b6f9db9e45be20f3c1312c97fbee7ec36b7d8280f8caa4d53c9ba0408cc9997a
b9a11e877ed05bfccfec40090e09678da2d25f0e6fc95b9855db213361eebc62
bab2e0a6e709b71b33dc3655dc027d3497676432c3a5f8005c7e014c0c16acba
bd9630aedfc200af33df73edd9f04c57c5aa43d24c1996bcaf85c6e79f2e2ec3
bf23f7dd305f9c01b9f63d4ee74398ba30d76cba1bf5b7f9cfbc3b5cebfd51aa
c2bd90034bd6b6fa87653aefbf49541c54d03ebe332636c26ea70ef440dae2fe
c46b7f23e9186df2666b1982fe1f7243ca263970ef55cfb5beb6a49a015316e3
c6d620c3bd9cff0178de495bf40626a61b6e146f28276d70445dcc88bab9ea6d
c98d867aa407894ddda967a0fddc5847b44562137f6c83bb1a213d8956a817bb
ccc6630c4923243b9dfd34272b6f61827533a3c5c905bf3dac6cb6ba493bf25c
cd5d6678aff239cd05c4333619adc96016fd27c038f64b2182fddab3d8f114ed
cd8b9feb00728e07feade0509d065aef51dd099fba936e7beabbf2eee113d79f
cda4a9fab1778d8757e18298e8333f48252eed2d4bb2475bbd2b0b860b30206e
ce55503de60d5add9600d4add9c6a8a2bdf8543fec82c6b537ec07100356be7d
ce73ecc68ffd76b72ac10e2a988099748658dc03236671c856f3ed89f53c271c
cfacb332737b10102ee6a70a19e114094196f6597a824a746015d5c4bb40cdfd
d06120c838b5ccddfc96dc6813707951ea12ef41f3193cf555114c2c7ba3b836
d07a00fc98b62b50fdcd4f7927e04aeaac0f70ae61eb1c9bd5731093ed41142a
d12145ab6d92c0778983fd48834703989800638f955da5a4585e8676e5e54c95
d164ab1ed5bc0c4c7730ef227e07061674572d0ce671d1865f4bc2062334b4d7
d58d13c6d34bb37ac055e8546e3711ecafc1680d148c08660ed19f4f85326a91
d65a2bc2aeac2652c416ec5d8ff74f1b69482302958c512182d430a95797d264
d6a462521daf57ccb1e2aa796e34d0d1238b6181d3ca17333385cb128e12735b
dbe24a61cd8f2584e547eb2420236b118a0cb38e514448b21de197a5006ddeda
dbe2b284d004069cb03afa70a0856d7247972cdc7d2cbaba3ee779f0bc8f776c
dd279abda73b9c735ce2973381e07146af6ffc80eb68c33b058b537dfecd34e4
dd8969d3eb42b331bbfe76f22ec6673b0c176c357f90cc9b88ea0b839677fd28
dea921fc41e7fffe9f096788648851660c740a41b9b6e60f66b816e476f7646d
decf75e8c4f75d196dd575fdfee657d37362e494b83f14943b49f2f22414b4db
e1d158e7fe1d2ebdb55465b7f79da5389ff761406b7601a64e623ee99424bfd4
e399477309fcac20ca13c14b64b21d75afcd840d9ae33134cc939eaa799515e0
e3d9078907b88c8a9ceb6b75ee3fc64a93dedb114f0c73ea5c31afb644fe1741
e4a71190fa65ad477a6199a74e61965f56933ed34a665c9d3cb9b03e4c0e50fb
e6e1089077d4f6f946deeea3b56488e8cda31210edf4c35d11c4f6506205d8f9
e837b1ec051ead4667aa0f89998202705aaff739f70be7606fe6d004f8fb0803
e8bdbd660f169f119f24526b7d289f566ceb7e2c943997f25aff787b132fdfec
ea0ee535f1efc0dc1b3a4f67ae86691b9037b0cc25d350e7c014554a1c58615c
ef591781e69b86f1167407440bc4bf2342f4f8e5be9188b4e7547921fda4affd
f28f003632affcd8499b8ef8cd00e5f53ba354f7788f33285be728a972e9ac75
f2cad37623f24a42f3fc2535dda07f8c87a143edebbbd438defd55c793edfc82
f48e063a60f9223b9e7e17613f359043c452d28ddd48a4b18cbe75733afb4b29
f516f19110df3c7f3b187460a87e89adbaa3d1c7fdc37910fa29f26ff5bd4ace
f68b95c0e8f0e819d3290e955263744794878999b569d9eac51a6018bddc6fc5
f70e73092ed3ce7f80334efb0030d0f27bbd892ecc4b286e5bd275d35167a9c6
f97467796fda5320f4f37708a2cd4e472cee519dcd1a78170ca82d10b94becc6
f9df7668c988384b48d0d60f3d7c9fa22c7523b60997510369ddb8bca011eb02
faae4127bb47cf73f368c5d40f1ea743ecdf7519c2296b7cf12ec70b42faf76b
fb2a1409b88726255c2f669950b82472b1b35ccdc33b2e68fd4c4ab6c65bdf83
ff028b76af94a11befa8daa3a4ad5621b9555d4e7f56bb45014c1401ba473dc4
ff1b5c872d2efc8a4f0a2e2a11c7aaacf45d018c58b757b618f97888fc891970

ori-win.xyz Open in urlscan Pro 2606:4700:3034::ac43:8940 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

227 Requests

98 %HTTPS

50 %IPv6

11 Domains

15 Subdomains

11 IPs

4 Countries

7920 kBTransfer

9633 kBSize

14 Cookies

9 Outgoing links

Page URL History

Redirected requests

227 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ori-win.xyz Open in urlscan Pro
2606:4700:3034::ac43:8940 Public Scan

Screenshot
Live screenshot

Full Image

227
Requests

98 %
HTTPS

50 %
IPv6

11
Domains

15
Subdomains

11
IPs

4
Countries

7920 kB
Transfer

9633 kB
Size

14
Cookies

227 HTTP transactions
0 data transactions