saowin3.info Open in urlscan Pro
2606:4700:3033::ac43:ccb2  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response saowin3.info/	7 KB 3 KB	518ms 478ms	Document text/html	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://saowin3.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / PHP/5.4.16 Resource Hash 7b13b499c6725481b56d3750c6210f6419e4757f4e145d74cd98123d395dc12b Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 8e52be452a6c41d8-EWR content-encoding zstd content-type text/html date Tue, 19 Nov 2024 19:52:53 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nEaAZ3XtC4RnkfwM0GjMnM8hsUiU0QsSkg26qNXQ%2FXMV8Dt2t%2BkepYV00hx5WUqnZbxAG7fc0kxFfFfo1WTBOmPYKRH%2FOiffy3TbTIXwUg%2BS0isq8CZIFV8T5n5FGHYE56RU7BWqplumGv8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare server-timing cfL4;desc="?proto=TCP&rtt=3270&sent=8&recv=13&lost=0&retrans=0&sent_bytes=3934&recv_bytes=2286&delivery_rate=830519&cwnd=254&unsent_bytes=0&cid=e2c8b8eb880d494c&ts=497&x=0" x-powered-by PHP/5.4.16
GET H3	200	style.css saowin3.info/	6 KB 2 KB	476ms 471ms	Stylesheet text/css	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://saowin3.info/style.css Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 73be021423a33da08071c8fa5385a2126e13a80eafdcaeefa457504eb60aa5a9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status MISS etag W/"668f9a2e-1888" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MI6WB5aF8VjMV%2BiGX4dBqFxTqQFeh%2BCLuQ7KyhHiF%2FNtaGNd4Lz0ggb8HDVvXdjfqkCxvA08KiRqFt5b9c58J14BMhNwq98q6RBu4itcKbLu1wcaiIp1i97cREtDmTICvCFRBZIZJnK9uXo%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e52be486a0142df-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6368&sent=25&recv=15&lost=0&retrans=0&sent_bytes=15139&recv_bytes=6304&delivery_rate=1463&cwnd=12000&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1011&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:54 GMT content-type text/css last-modified Thu, 11 Jul 2024 08:39:10 GMT vary Accept-Encoding priority u=0,i=?0
GET H2	200	js Show response www.googletagmanager.com/gtag/	322 KB 108 KB	251ms 47ms	Script application/javascript	2607:f8b0:4006:80a::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-4J6CS47W1R Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:80a::2008 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 65e9031b83baf02271020ca556f90147393bee727c20c090e87847e48ca51d44 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Tue, 19 Nov 2024 19:52:54 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 19 Nov 2024 19:52:54 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 109574 x-xss-protection 0 server Google Tag Manager
GET H3	200	logo%20slo.webp saowin3.info/img/	67 KB 68 KB	936ms 932ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/logo%20slo.webp Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5f14235d49eab9c5946d4e801e3f38c01e361c8c9caea950ecb9898965781e83 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "66c18279-10ba0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VMdujCX8K9xy3T6INr%2BHpOvQQ%2FIxEXWdFl9t2Toyg4Y3hUxAOr607pdWGWi0b4Mu%2BdfsMY%2BxKTE0QB8c1INnMclIXQkXgcsEAWl58fObuDwLH34jq%2Bi3Ll35dlmNcPsWqilgGjODnBqtntA%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6022&sent=32&recv=31&lost=0&retrans=0&sent_bytes=17592&recv_bytes=9801&delivery_rate=5050&cwnd=22800&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1440&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:54 GMT content-type image/webp last-modified Sun, 18 Aug 2024 05:11:21 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be486a0342df-EWR accept-ranges bytes content-length 68512 server cloudflare
GET H3	200	btn_dnhap.webp saowin3.info/img/	10 KB 10 KB	473ms 468ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/btn_dnhap.webp Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 062332bc57877c82f56e9250fb3173baeaa6abaeadf5cce0b2a236ddff3719e3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "668f6be8-26a0" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=byF14hxetth9%2FnBWcMv9iU%2FmalPQnsMm3RHarziz0BwC4GwiUl%2BouJ%2Fv2GSdKHNVAVwgVQzdTzR%2FNx1oIG8NolkIjQeyTZzt%2BlfILchjyGvKJb3pu6fl1BIOkF9kXNdlSfm%2BUPQLsVemlJ8%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=6368&sent=15&recv=15&lost=0&retrans=0&sent_bytes=4303&recv_bytes=6304&delivery_rate=1463&cwnd=12000&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1007&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:54 GMT content-type image/webp last-modified Thu, 11 Jul 2024 05:21:44 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be486a0542df-EWR accept-ranges bytes content-length 9888 server cloudflare
GET H3	200	btn_dky.webp saowin3.info/img/	9 KB 10 KB	509ms 509ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/btn_dky.webp Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0f40b20019a7a590a13af6d3d2f079e7daf62bb141a5d37e5cb8eba5cd3ab79a Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "668f6bde-24e2" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m0f1iK2HMK72KzLOpWmhNrZdFKZ3MKVzJXWWAl8VqLHNnGG%2Fi%2Bq6zBw0iu0UnegsU%2FWS%2BxiXoi2hGVF7zafegHSfegwlpORRqDLu85piI2DhZ3PoaiCQe6b5%2BVc2VuvJPdnd2oNKI19csKU%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32909&sent=77&recv=40&lost=0&retrans=0&sent_bytes=70992&recv_bytes=10188&delivery_rate=47656&cwnd=31800&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1489&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:54 GMT content-type image/webp last-modified Thu, 11 Jul 2024 05:21:34 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be4b5e5842df-EWR accept-ranges bytes content-length 9442 server cloudflare
GET H3	200	btn_tcn.webp saowin3.info/img/	15 KB 16 KB	730ms 729ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/btn_tcn.webp Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ffc4422c72e10b6f1b704b18a56c217de8f521a76585527b8a7ef62f4ddb018e Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "668f6bf6-3b7a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=m39ISWbQ%2FWWgW%2FGbzWUNUAeIOEtWbm74fX3lsBQDFUIUDDoLKRdy4oC5EcM9sMJTse4aZ6nuXVo3WR%2FGB4%2FcspUwBefc8evZ2RFITOjUm0Qogpx9pdVhknHR%2FOdAIiPrlzE8hUCV7NYwl7w%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=14730&sent=203&recv=81&lost=0&retrans=0&sent_bytes=209635&recv_bytes=12007&delivery_rate=3584707&cwnd=78300&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1744&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:55 GMT content-type image/webp last-modified Thu, 11 Jul 2024 05:21:58 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be4b5e6f42df-EWR accept-ranges bytes content-length 15226 server cloudflare
GET H3	200	trainghiem.webp saowin3.info/img/	9 KB 10 KB	495ms 491ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/trainghiem.webp Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a4e79267d43488db16afbeff331f3bbd9b5402ac8f73c7bd1446164e87b55dd4 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "668f6c00-248e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zzuKppzihHlHu8jG8OZC7l9abYvEtXgR9AmC1%2FqsDIqxm9RcMkPT%2BoqG%2FqJr2e1ZeWykDuGLGE5JTQ3t%2B1uThMFtaVQQvQvITEA%2BpMw4njClC9K0MU3j6D0i3AzvebTRqox%2BBLbSXrBnCLg%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=12123&sent=59&recv=33&lost=0&retrans=0&sent_bytes=49992&recv_bytes=9887&delivery_rate=10590&cwnd=27600&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1483&x=1", cfExtPri, cfHdrFlush;dur=3 date Tue, 19 Nov 2024 19:52:54 GMT content-type image/webp last-modified Thu, 11 Jul 2024 05:22:08 GMT vary Accept-Encoding priority u=2,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be4b6e7842df-EWR accept-ranges bytes content-length 9358 server cloudflare
GET H3	200	firewall.webp saowin3.info/img/	8 KB 8 KB	539ms 535ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/firewall.webp Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 94b320cdecc701889204252f15b348ae70065762fa3a2e9e80296cfe4d7e8550 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "668c22a6-1eee" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=loH1Fr9qoLjnR0BEoiHWHhWuI%2BLm5vvGnZ%2BFGL9mTsXfGatxL3lLBHwiV7wtOHMM9vKye9FCA11O%2Fmqv3GhXqeTXFF9XtB75x2RkgBng9Yk2pE3cDFbLmGGSwpvTJLsuIdmDglQ%2BjXqG%2BWg%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=12123&sent=59&recv=33&lost=0&retrans=0&sent_bytes=49992&recv_bytes=9887&delivery_rate=10590&cwnd=27600&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1478&x=1", cfExtPri, cfHdrFlush;dur=8 date Tue, 19 Nov 2024 19:52:54 GMT content-type image/webp last-modified Mon, 08 Jul 2024 17:32:22 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be4b6e7b42df-EWR accept-ranges bytes content-length 7918 server cloudflare
GET H3	200	down1111.webp saowin3.info/img/	8 KB 8 KB	538ms 534ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/down1111.webp Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a4d55527079dcb941f6530dc797a8d7496c7143f0e930bf692785804ab8f9ec Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "668c2486-1f06" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EMm%2FbL%2FCY5ImFwSh6IBFv7x484KaEk6UKKkBE2TQgiR8mkJn%2BjguXU30VewfJz2ozaHVYNlZw5Bv%2FtKqmOqAXVvayIRVPArIQqE430dW4LELYbBRe3Rc0L5dSedu2U8sbO6EbzLGVwn8%2FJk%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32909&sent=77&recv=40&lost=0&retrans=0&sent_bytes=70992&recv_bytes=10188&delivery_rate=47656&cwnd=31800&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1489&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:54 GMT content-type image/webp last-modified Mon, 08 Jul 2024 17:40:22 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be4b6e7c42df-EWR accept-ranges bytes content-length 7942 server cloudflare
GET H3	200	ggantoan.webp saowin3.info/img/	7 KB 8 KB	537ms 534ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/ggantoan.webp Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa4295f1b8cad7e10bfb72477347be5841075e149f2b00d27ca50d814f17d69d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "668c22b0-1c9a" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C%2BqaoWmDyehuX9bWni1NbcdN52TGk49xVMYw%2BdY7XCf3L4GM1G33O8kUwXicfpmMhouvfYa5vEavl2wrsAThMyziDJguaAAylfiIDBkwGwBdrncc%2FPorbBg4%2FGyp7nRJYGj30pBwdnyWy%2Fs%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=12123&sent=59&recv=33&lost=0&retrans=0&sent_bytes=49992&recv_bytes=9887&delivery_rate=10590&cwnd=27600&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1478&x=1", cfExtPri, cfHdrFlush;dur=8 date Tue, 19 Nov 2024 19:52:54 GMT content-type image/webp last-modified Mon, 08 Jul 2024 17:32:32 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be4b6e7e42df-EWR accept-ranges bytes content-length 7322 server cloudflare
GET H3	200	android.webp saowin3.info/img/	23 KB 24 KB	691ms 688ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/android.webp Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 4dc7c79478cfc4112a40dee6de1950545f4f60fa84f4a0d328924069826c405f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "668c2450-5b74" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GyuBtVaS7u8U7Bo%2BcbGO%2BqA%2BiqaHKRwrY6GYkZ3hBwHFOnacTvSrQvzlN%2FZcWjbO8w4JyyCIlgJQ4Zm8cg%2F7eRapppcqPw9H9BM8ieY5zf8X2L7F7pjbOsT9LmxN9YsSk2XjTil3n35%2F4v8%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=29551&sent=147&recv=74&lost=0&retrans=0&sent_bytes=144100&recv_bytes=11696&delivery_rate=396940&cwnd=78300&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1707&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:54 GMT content-type image/webp last-modified Mon, 08 Jul 2024 17:39:28 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be4b6e8342df-EWR accept-ranges bytes content-length 23412 server cloudflare
GET H3	200	ios.webp saowin3.info/img/	23 KB 24 KB	691ms 689ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/ios.webp Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1b1edc188e0cf5104d39bab67ae11e195d48850a4e9a60ef56513c4f57579616 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "668c2498-5bd4" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ksgVZc1eUYUVxW4hl2Ujauvfzyu0OQpObA3HsX3U759ylYd%2FWV5MkC3mOS4Zo1ZLuZeUmJHDX4Z65D271%2BMMcGx%2BIsQ8mGt3hec%2FU1MufbQbcNQiWK%2B9JTk9LgrXD9wIlEkGZsppf5YxTmk%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=29551&sent=157&recv=74&lost=0&retrans=0&sent_bytes=156100&recv_bytes=11696&delivery_rate=396940&cwnd=78300&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1708&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:54 GMT content-type image/webp last-modified Mon, 08 Jul 2024 17:40:40 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be4b6e8642df-EWR accept-ranges bytes content-length 23508 server cloudflare
GET H3	200	firewall_mobile.webp saowin3.info/img/	8 KB 9 KB	535ms 533ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/firewall_mobile.webp Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1882d1965d0c903ea7de6405988fb740b01d69acec8ac9af6f4dcae6263abbd3 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cf-cache-status MISS etag "668df4e8-20d8" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4B6XIb0tsLLVHJUcB8bCzSGUmkoTt630razRc%2BcU6fGDEKh7dIoJ5Zv8VK2GhwmBT8nPcSlGy5DOJX7lmtzO2jvgCxoKyIX16ULvtmC8Hd%2BPhdFQKsrrqGHbsRJajcCpIY8U5JgC5yA78Gw%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=32909&sent=77&recv=40&lost=0&retrans=0&sent_bytes=70992&recv_bytes=10188&delivery_rate=47656&cwnd=31800&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1490&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:54 GMT content-type image/webp last-modified Wed, 10 Jul 2024 02:41:44 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be4b6e8842df-EWR accept-ranges bytes content-length 8408 server cloudflare
GET H3	200	fbevents.js Show response connect.facebook.net/en_US/	239 KB 61 KB	107ms 18ms	Script application/x-javascript	2a03:2880:f00e:13:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-ZtQ846J2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 19 Nov 2024 19:52:54 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-ZtQ846J2' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=15, rtx=0, c=23, mss=1232, tbw=4562, tp=11, tpl=0, uplat=1, ullat=-1 pragma public x-fb-debug OUG2f0YSTSjsKGo0IPK8jP/33E6S/KZTJ1nV/+AjMrc1520D4oNN2GtQYIHPfGfJpF9a/l/+H7hCazlqIwt7xA== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top content-length 62152 x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	bg-pc.webp saowin3.info/img/	15 KB 16 KB	689ms 688ms	Image image/webp	2606:4700:3033::ac43:ccb2 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://saowin3.info/img/bg-pc.webp Requested by Host: saowin3.info URL: https://saowin3.info/style.css Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3033::ac43:ccb2 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 39fdbfbcc2a897602a2ccdd1d2495459db8aebb5be36549cc7dc4e1afe1fe15f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer https://saowin3.info/style.css Response headers cf-cache-status MISS etag "668c20cc-3b68" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SyC8s0EKEGi%2FAouON4t4CxJlcYO%2BJYjm4fh7fvv9edltHAcV884dvbSgIcRSj%2BT%2B53oQlv0QSpEKHdu%2FqStX3%2FEEh6JUyBRqEtky9khFVJJRJo9oKig653ZsN1YdCnGnusC6fiRXSyq1IF4%3D"}],"group":"cf-nel","max_age":604800} alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=17885&sent=189&recv=79&lost=0&retrans=0&sent_bytes=193413&recv_bytes=11917&delivery_rate=13343153&cwnd=78300&unsent_bytes=0&cid=efa88ea1f9379f2b&ts=1736&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:55 GMT content-type image/webp last-modified Mon, 08 Jul 2024 17:24:28 GMT vary Accept-Encoding priority u=3,i cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-ray 8e52be4b9ed442df-EWR accept-ranges bytes content-length 15208 server cloudflare
POST H2	204	collect www.google-analytics.com/g/	0 0	85ms 25ms	Fetch text/plain	2607:f8b0:4006:81f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-4J6CS47W1R&gtm=45je4be0v9189109423za200&_p=1732045974293&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855&cid=371513485.1732045974&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732045974&sct=1&seg=0&dl=https%3A%2F%2Fsaowin3.info%2F&dt=C%C3%B3%202.991.629%20ng%C6%B0%E1%BB%9Di%20%C4%91%C3%A3%20%C4%91%C4%83ng%20k%C3%BD&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1166 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-4J6CS47W1R Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://saowin3.info cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 19 Nov 2024 19:52:54 GMT content-type text/plain server Golfe2
GET H3	200	972335284537402 Show response connect.facebook.net/signals/config/	81 KB 16 KB	174ms 172ms	Script application/x-javascript	2a03:2880:f00e:13:face:b00c:0:3 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/972335284537402?v=2.9.177&r=stable&domain=saowin3.info&hme=c3e4904c1dde42d643265ef909b9e193c41cedcd6f559a3ff5e1b178e36647fa&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113 Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f00e:13:face:b00c:0:3 Toronto, Canada, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash 8cc63dbcb663102f3625ed639348a6655f23b628c424ed5a84c8a50ee0a00dbd Security Headers Name Value Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-tpkkEPOe' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding gzip report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 19 Nov 2024 19:52:54 GMT content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" priority u=3,i x-frame-options DENY strict-transport-security max-age=31536000; preload; includeSubDomains reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src 'self' data: blob: *;script-src 'nonce-tpkkEPOe' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script'; cache-control public, max-age=1200 timing-allow-origin * cross-origin-opener-policy same-origin-allow-popups x-fb-connection-quality EXCELLENT; q=0.9, rtt=16, rtx=0, c=69, mss=1232, tbw=70498, tp=69, tpl=0, uplat=81, ullat=0 pragma public x-fb-debug ktsvoF3H+bUaJa3bZZXAs2Fw4tZg/Gzf0etPl8u9ONcdsF31nAXjBZl9ZFM9Aa9Q4x8azDf5E7rXPiM4OQPmbg== cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	/ www.facebook.com/tr/	0 16 B	561ms 23ms	Image text/plain	2a03:2880:f10e:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=972335284537402&ev=PageView&dl=https%3A%2F%2Fsaowin3.info%2F&rl=&if=false&ts=1732045974758&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1732045974749.839115000970095003&cs_est=true&ler=empty&cdl=API_unavailable&it=1732045974524&coo=false&rqm=GET Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers strict-transport-security max-age=31536000; includeSubDomains x-fb-connection-quality GOOD; q=0.7, rtt=57, rtx=0, c=23, mss=1232, tbw=4665, tp=13, tpl=0, uplat=0, ullat=0 cross-origin-resource-policy cross-origin access-control-allow-credentials true access-control-allow-origin alt-svc h3=":443"; ma=86400 content-length 0 date Tue, 19 Nov 2024 19:52:55 GMT content-type text/plain server proxygen-bolt priority u=3,i
GET H3	200	/ www.facebook.com/privacy_sandbox/pixel/register/trigger/	67 B 195 B	664ms 126ms	Image image/png	2a03:2880:f10e:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=972335284537402&ev=PageView&dl=https%3A%2F%2Fsaowin3.info%2F&rl=&if=false&ts=1732045974758&sw=1600&sh=1200&v=2.9.177&r=stable&ec=0&o=4126&fbp=fb.1.1732045974749.839115000970095003&cs_est=true&ler=empty&cdl=API_unavailable&it=1732045974524&coo=false&rqm=FGET Requested by Host: saowin3.info URL: https://saowin3.info/ Protocol H3 Security QUIC, , AES_128_GCM Server 2a03:2880:f10e:83:face:b00c:0:25de Toronto, Canada, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a Security Headers Name Value Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; Strict-Transport-Security max-age=15552000; preload X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers content-encoding zstd report-to {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439080819044207235"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"} x-content-type-options nosniff expires Sat, 01 Jan 2000 00:00:00 GMT alt-svc h3=":443"; ma=86400 date Tue, 19 Nov 2024 19:52:55 GMT content-type image/png vary Accept-Encoding x-fb-debug SVLcv/fP9TNSp0n2/2Ha9/p06Ly1NDOq23g7osWKvHlStUm+8vtpjbrhYybAAo/4LYhCOeq4kISbO91jeJ6nIQ== priority u=3,i x-frame-options DENY strict-transport-security max-age=15552000; preload reporting-endpoints coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439080819044207235", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/" content-security-policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests; cache-control private, no-store, no-cache, must-revalidate x-fb-connection-quality EXCELLENT; q=0.9, rtt=42, rtx=0, c=23, mss=1232, tbw=5033, tp=16, tpl=0, uplat=108, ullat=0 cross-origin-opener-policy same-origin-allow-popups pragma no-cache cross-origin-resource-policy cross-origin permissions-policy accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy" document-policy force-load-at-top x-xss-protection 0 origin-agent-cluster ?1
GET H3	200	favicon.ico anhsaoxanh.live/	1 KB 2 KB	510ms 463ms	Other image/x-icon	2606:4700:3037::6815:3b80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anhsaoxanh.live/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 469d806e1490933df0f27d3fc6332bd4c92597b27f73a084cd6ccb98cc1de184 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status REVALIDATED etag W/"668f92d0-57e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=37b4lBU5EyaPlHXuhBEyQ3umt9nbnoXuJfeSBilxCtKKxcWbpOra2W4kbsnZSRXUWwMO0zIvu73TxieuJlFDJKlW9iiw2t2AdPgWzSW0yK5bB3o0B3b%2FwLJjgxefyV%2FfszFjLXx5QJmofSXK73A%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e52be52dc1f7d00-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=5156&sent=14&recv=13&lost=0&retrans=0&sent_bytes=4265&recv_bytes=5687&delivery_rate=1461&cwnd=12000&unsent_bytes=0&cid=f6c513462b53b6d1&ts=479&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:55 GMT content-type image/x-icon last-modified Thu, 11 Jul 2024 08:07:44 GMT vary Accept-Encoding priority u=1,i
GET H3	200	favicon.ico anhsaoxanh.live/	1 KB 0	0ms 0ms	Other image/x-icon	2606:4700:3037::6815:3b80 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://anhsaoxanh.live/favicon.ico Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:3037::6815:3b80 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 469d806e1490933df0f27d3fc6332bd4c92597b27f73a084cd6ccb98cc1de184 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding zstd cf-cache-status REVALIDATED etag W/"668f92d0-57e" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=37b4lBU5EyaPlHXuhBEyQ3umt9nbnoXuJfeSBilxCtKKxcWbpOra2W4kbsnZSRXUWwMO0zIvu73TxieuJlFDJKlW9iiw2t2AdPgWzSW0yK5bB3o0B3b%2FwLJjgxefyV%2FfszFjLXx5QJmofSXK73A%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8e52be52dc1f7d00-EWR alt-svc h3=":443"; ma=86400 server-timing cfL4;desc="?proto=QUIC&rtt=5156&sent=14&recv=13&lost=0&retrans=0&sent_bytes=4265&recv_bytes=5687&delivery_rate=1461&cwnd=12000&unsent_bytes=0&cid=f6c513462b53b6d1&ts=479&x=1", cfExtPri, cfHdrFlush;dur=0 date Tue, 19 Nov 2024 19:52:55 GMT content-type image/x-icon last-modified Thu, 11 Jul 2024 08:07:44 GMT vary Accept-Encoding priority u=1,i
GET		favicon-32x32.png anhsaoxanh.live/images/favicons/	0 0
POST H2	204	collect www.google-analytics.com/g/	0 0	28ms 27ms	Fetch text/plain	2607:f8b0:4006:81f::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-4J6CS47W1R&gtm=45je4be0v9189109423za200&_p=1732045974293&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855&cid=371513485.1732045974&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732045974&sct=1&seg=0&dl=https%3A%2F%2Fsaowin3.info%2F&dt=C%C3%B3%202.991.629%20ng%C6%B0%E1%BB%9Di%20%C4%91%C3%A3%20%C4%91%C4%83ng%20k%C3%BD&en=scroll&epn.percent_scrolled=90&_et=27&tfd=6205 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-4J6CS47W1R Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:81f::200e , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36 Referer Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://saowin3.info cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Tue, 19 Nov 2024 19:52:59 GMT content-type text/plain server Golfe2

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

anhsaoxanh.live

URL

https://anhsaoxanh.live/images/favicons/favicon-32x32.png

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.saowin3.info/	1970-01-21 10:43:25	Name: _ga Value: GA1.1.371513485.1732045974
			.saowin3.info/	1970-01-21 10:43:25	Name: _ga_4J6CS47W1R Value: GS1.1.1732045974.1.0.1732045974.0.0.0
			.saowin3.info/	1970-01-21 03:17:01	Name: _fbp Value: fb.1.1732045974749.839115000970095003

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

anhsaoxanh.live
connect.facebook.net
saowin3.info
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
anhsaoxanh.live
2606:4700:3033::ac43:ccb2
2606:4700:3037::6815:3b80
2607:f8b0:4006:80a::2008
2607:f8b0:4006:81f::200e
2a03:2880:f00e:13:face:b00c:0:3
2a03:2880:f10e:83:face:b00c:0:25de
062332bc57877c82f56e9250fb3173baeaa6abaeadf5cce0b2a236ddff3719e3
0f40b20019a7a590a13af6d3d2f079e7daf62bb141a5d37e5cb8eba5cd3ab79a
1882d1965d0c903ea7de6405988fb740b01d69acec8ac9af6f4dcae6263abbd3
1b1edc188e0cf5104d39bab67ae11e195d48850a4e9a60ef56513c4f57579616
39fdbfbcc2a897602a2ccdd1d2495459db8aebb5be36549cc7dc4e1afe1fe15f
43a683165a27224ef2d2717bd57c8c203aa570ce39140504d086562eefbb0f1f
469d806e1490933df0f27d3fc6332bd4c92597b27f73a084cd6ccb98cc1de184
4dc7c79478cfc4112a40dee6de1950545f4f60fa84f4a0d328924069826c405f
5f14235d49eab9c5946d4e801e3f38c01e361c8c9caea950ecb9898965781e83
65e9031b83baf02271020ca556f90147393bee727c20c090e87847e48ca51d44
73be021423a33da08071c8fa5385a2126e13a80eafdcaeefa457504eb60aa5a9
7b13b499c6725481b56d3750c6210f6419e4757f4e145d74cd98123d395dc12b
8cc63dbcb663102f3625ed639348a6655f23b628c424ed5a84c8a50ee0a00dbd
94b320cdecc701889204252f15b348ae70065762fa3a2e9e80296cfe4d7e8550
9a4d55527079dcb941f6530dc797a8d7496c7143f0e930bf692785804ab8f9ec
a4e79267d43488db16afbeff331f3bbd9b5402ac8f73c7bd1446164e87b55dd4
aa4295f1b8cad7e10bfb72477347be5841075e149f2b00d27ca50d814f17d69d
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ffc4422c72e10b6f1b704b18a56c217de8f521a76585527b8a7ef62f4ddb018e