win2888xsmb.top Open in urlscan Pro
104.21.45.92 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://win2888xsmb.top/
Submission: On February 04 via api (February 4th 2024, 9:24:05 am UTC) from US — Scanned from US

Summary HTTP 57 Redirects Links 24 Behaviour Indicators

Summary

This website contacted 11 IPs in 2 countries across 8 domains to perform 57 HTTP transactions. The main IP is 104.21.45.92, located in and belongs to CLOUDFLARENET, US. The main domain is win2888xsmb.top.
TLS certificate: Issued by GTS CA 1P5 on February 1st 2024. Valid for: 3 months.

This is the only time win2888xsmb.top was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	104.21.45.92 104.21.45.92	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2607:f8b0:400... 2607:f8b0:4006:817::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:1f6a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2606:4700:303... 2606:4700:3037::6815:2d5c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2607:f8b0:400... 2607:f8b0:4006:823::200e	15169 (GOOGLE) (GOOGLE)
11	2606:4700:10:... 2606:4700:10::6816:1883	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:822::200a	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
12	2606:4700:10:... 2606:4700:10::6816:1983	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:400... 2a04:4e42:400::485	54113 (FASTLY) (FASTLY)
57	11

4 104.21.45.92 (None, )

ASN13335 (CLOUDFLARENET, US)

win2888xsmb.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:817::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:1f6a (United States)

ASN13335 (CLOUDFLARENET, US)

bachthude3mien.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2606:4700:3037::6815:2d5c (United States)

ASN13335 (CLOUDFLARENET, US)

win2888xsmb.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:823::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700:10::6816:1883 (United States)

ASN13335 (CLOUDFLARENET, US)

embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:822::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:817::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:10::6816:1983 (United States)

ASN13335 (CLOUDFLARENET, US)

va.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
embed.tawk.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:400::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	tawk.to embed.tawk.to — Cisco Umbrella Rank: 9519 va.tawk.to — Cisco Umbrella Rank: 9238	211 KB
19	win2888xsmb.top win2888xsmb.top	615 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	319 KB
3	gstatic.com fonts.gstatic.com	99 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 324	41 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28	2 KB
1	bachthude3mien.com bachthude3mien.com	87 KB
57	8

	Domain	Requested by
19	win2888xsmb.top	win2888xsmb.top
18	embed.tawk.to	win2888xsmb.top embed.tawk.to
5	va.tawk.to	embed.tawk.to
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	www.googletagmanager.com	win2888xsmb.top www.googletagmanager.com
3	fonts.gstatic.com	fonts.googleapis.com
1	cdn.jsdelivr.net	embed.tawk.to
1	fonts.googleapis.com	win2888xsmb.top
1	bachthude3mien.com	win2888xsmb.top
57	9

This site contains links to these domains. Also see Links.

Domain
solochuanxac.com
baolo2nhay.com
soicauphuquy.com
soicauxoso18h30.com
baode3mien.com
caudepnhat.com
bachthulodepnhat.com
bachthudepnhat.com
soicaudep3mien.com
soichuanlovip.com
soicaulo3cang.com
chotsodangcap.com
chotsolo.com
tapdoanxoso.com
sodemienphi.com
soicaududoanlo.com
soicausotoinay.mobi
batcauchuanxac.com
thandongsoicau.com
bacangvip.com
caudechinhxac.com
caubachthuvip.com
galussothemes.com
wordpress.org

Subject Issuer	Validity	Valid
win2888xsmb.top GTS CA 1P5	`2024-02-01` - `2024-05-01`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
bachthude3mien.com GTS CA 1P5	`2023-12-30` - `2024-03-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-04-28` - `2024-04-27`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://win2888xsmb.top/
Frame ID: FD5BA7026895A108274AF846D732928F
Requests: 53 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css
Frame ID: 018695AF7B9ADB67CE3800E39A32B3DB
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css
Frame ID: 53E3D49753D78226BDDD5B5EB51A13FE
Requests: 1 HTTP requests in this frame

Frame: https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css
Frame ID: 38A1F2194A80F6BCEAA3CF849D7BF429
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

soicau xsmb chinh xac - soi cau 3 mien hom nay - soicau xsmb chinh xac - soi cau 3 mien hom nay

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Tawk.to (Live Chat) Expand

Overall confidence: 100%
Detected patterns

//embed\.tawk\.to

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

57
Requests

100 %
HTTPS

90 %
IPv6

8
Domains

9
Subdomains

11
IPs

2
Countries

1420 kB
Transfer

3464 kB
Size

9
Cookies

24 Outgoing links

These are links going to different origins than the main page.

URL: https://solochuanxac.com/
Title: solochuanxac.com

Search URL Search Domain Scan URL

URL: https://baolo2nhay.com/
Title: baolo2nhay.com

Search URL Search Domain Scan URL

URL: https://soicauphuquy.com/
Title: soicauphuquy.com

Search URL Search Domain Scan URL

URL: https://soicauxoso18h30.com/
Title: soicauxoso18h30.com

Search URL Search Domain Scan URL

URL: https://baode3mien.com/
Title: baode3mien.com

Search URL Search Domain Scan URL

URL: https://caudepnhat.com/
Title: caudepnhat.com

Search URL Search Domain Scan URL

URL: https://bachthulodepnhat.com/
Title: bachthulodepnhat.com

Search URL Search Domain Scan URL

URL: https://bachthudepnhat.com/
Title: bachthudepnhat.com

Search URL Search Domain Scan URL

URL: https://soicaudep3mien.com/
Title: soicaudep3mien.com

Search URL Search Domain Scan URL

URL: https://soichuanlovip.com/
Title: soichuanlovip.com

Search URL Search Domain Scan URL

URL: https://soicaulo3cang.com/
Title: soicaulo3cang.com

Search URL Search Domain Scan URL

URL: https://chotsodangcap.com/
Title: chotsodangcap.com

Search URL Search Domain Scan URL

URL: https://chotsolo.com/
Title: chotsolo.com

Search URL Search Domain Scan URL

URL: https://tapdoanxoso.com/
Title: tapdoanxoso.com

Search URL Search Domain Scan URL

URL: https://sodemienphi.com/
Title: sodemienphi.com

Search URL Search Domain Scan URL

URL: https://soicaududoanlo.com/
Title: soicaududoanlo.com

Search URL Search Domain Scan URL

URL: https://soicausotoinay.mobi/
Title: soicausotoinay.mobi

Search URL Search Domain Scan URL

URL: https://batcauchuanxac.com/
Title: batcauchuanxac.com

Search URL Search Domain Scan URL

URL: https://thandongsoicau.com/
Title: thandongsoicau.com

Search URL Search Domain Scan URL

URL: https://bacangvip.com/
Title: bacangvip.com

Search URL Search Domain Scan URL

URL: https://caudechinhxac.com/
Title: caudechinhxac.com

Search URL Search Domain Scan URL

URL: https://caubachthuvip.com/
Title: caubachthuvip.com

Search URL Search Domain Scan URL

URL: https://galussothemes.com/wordpress-themes/viomag
Title: VioMag

Search URL Search Domain Scan URL

URL: http://wordpress.org/
Title: WordPress

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
win2888xsmb.top/ 382 KB
34 KB 1257ms
732ms Document
text/html 104.21.45.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://win2888xsmb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.45.92 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3cf45afb3ec3a4a0faf48c3a2f73786c362f53c0c0603bc4e264eb57711ff847

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8501db819b8e3773-YYZ
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 04 Feb 2024 09:23:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iFQH5Zid7OVUy6KOSOo73GgvUd79H%2Fh8Dm9h9KUZqt0QA5sG5n2fFo5d8vCUD8bTJT4YW%2BYE6nuM3Ex05vYlS%2FXFCGUqwPuP9Hk04jaI34GlxfC1skFOOA8ahF9czrOjcRQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 f8vam.css
win2888xsmb.top/wp-content/cache/wpfc-minified/lxzmsacc/ 93 KB
17 KB 783ms
780ms Stylesheet
text/css 104.21.45.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://win2888xsmb.top/wp-content/cache/wpfc-minified/lxzmsacc/f8vam.css
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c84ac049e364cfa55a84b2e3039d22988fb0ad8b85721a6e196d0803f8248f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: public
date: Sun, 04 Feb 2024 09:23:54 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 15:23:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bbb782-173eb"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8WTHir342xNoUREHGSoH8HP%2FlnUbZ6desl7Zmo7uUVlbWlBvgG0OCp9qeGmG4bd7KujzQAkLNro33VF9uee5EmNgj3%2Bo3GwjK1kZY7HnFVp1ARYxVm%2FsW8hbn3Nbe3jaKDE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8501db863ee03773-YYZ
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 09:23:54 GMT

GET
H2 200 f8vam.css
win2888xsmb.top/wp-content/cache/wpfc-minified/rphgx72/ 77 KB
35 KB 30ms
29ms Stylesheet
text/css 104.21.45.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://win2888xsmb.top/wp-content/cache/wpfc-minified/rphgx72/f8vam.css
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da73c4153b75cfd35b659ca8ce4b8f72961aa70134b4eb9da026454df2c0d9c3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:53 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 196177
alt-svc: h3=":443"; ma=86400
pragma: public
last-modified: Thu, 01 Feb 2024 15:23:46 GMT
server: cloudflare
etag: W/"65bbb782-133d4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qu1%2Bu971fDwyx8nF4atvf6M3%2B3rW5r%2FSA5pJGxWD4Za7o%2FIf%2FshmKnWmdYsL5HeQyexPbaob%2FrFypOQXNyI1eZuNip4I3q4LK9gXvUY93XnKr50RTaZdaUvP5Jyv5aQdK3k%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8501db863ee13773-YYZ
expires: Sun, 03 Mar 2024 02:54:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 247 KB
86 KB 306ms
238ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-H67RC2Z0T2

Requested by

Host: win2888xsmb.top
URL: https://win2888xsmb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

55e274a22a39ef488b093a887ca95430046d5d6f5e65e83418be15498a5a69a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Feb 2024 09:23:54 GMT

GET
H2 200 soicaubachthu.jpg
bachthude3mien.com/wp-content/uploads/2018/08/ 86 KB
87 KB 1391ms
1223ms Image
image/jpeg 2606:4700:3036::6815:1f6a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bachthude3mien.com/wp-content/uploads/2018/08/soicaubachthu.jpg
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:1f6a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e75198596addf113c64dc068c38a27c3051aaec21fac9fbbf818547b2b7cd12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 88473
pragma: public
last-modified: Tue, 07 Aug 2018 08:30:06 GMT
server: cloudflare
etag: "5b69588e-15999"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aEhKJIdypSRXu%2FupcE9%2BBgqWgnyPNa1Dtdgdb3W61lgAisgSubFLx499XzpR5H0dkZZSUutYd3UL%2BMNR%2B9zkIcStONItHZaCHHxd3onGMiD79t1eFHX83wn1aUtjO6Ho968w6OOo63yXH1EhnJecwlw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db874e186aed-BUF
expires: Tue, 05 Mar 2024 09:23:54 GMT

GET
H2 200 x%E1%BB%95-so-mien-nam-240x162.jpg
win2888xsmb.top/wp-content/uploads/2020/02/ 13 KB
14 KB 497ms
495ms Image
image/jpeg 104.21.45.92
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2020/02/x%E1%BB%95-so-mien-nam-240x162.jpg
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.45.92 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f13502106664043ae3891d6e9adeae90858679295c98472d131eab8095f1745

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:54 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 13545
pragma: public
last-modified: Sat, 08 Feb 2020 15:30:17 GMT
server: cloudflare
etag: "5e3ed409-34e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7elNSAnwFGZhM4Hfdfo4JGRSSkT%2FTy6RcjjYtapZFZxbHBLifcK2Mac%2Ftaz891%2BoM5RIvSIv5etmIjSuZXZ31BwQYviRKv55cO6%2F4O9XrYZRTuAVXvoa7T7qgv%2BZbKXb7fA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db863ee23773-YYZ
expires: Tue, 05 Mar 2024 09:23:54 GMT

GET
H3 200 kinhnghiemlode-300x200.png
win2888xsmb.top/wp-content/uploads/2017/10/ 68 KB
68 KB 1403ms
1402ms Image
image/png 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2017/10/kinhnghiemlode-300x200.png
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa97f59ff3cf632b16bebe024f870350d0f55ea135843e9531e73fd3063a925a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 69533
pragma: public
last-modified: Sat, 07 Oct 2017 05:53:50 GMT
server: cloudflare
etag: "59d86bee-10f9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iCr5AXt%2Bg6QRCdRqSXEY3UELHrfSyQd6Xk0CAPb6h%2F%2FJ6qWfVPoPoDiKOKMxNNveIFjJCqVSlF8ikHDrqIzg6fyMjLkPbDQ68h22aORzyL9yP23Hq9b%2Bd%2BUqIzHGzLu6FjZTx9wvArDQ%2B4Q%2B0EE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db895e224bc6-BUF
expires: Tue, 05 Mar 2024 09:23:54 GMT

GET
H3 200 soi-cau-mb23-240x180.jpg
win2888xsmb.top/wp-content/uploads/2020/02/ 12 KB
13 KB 527ms
525ms Image
image/jpeg 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2020/02/soi-cau-mb23-240x180.jpg
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029227b15301f02d5b7f37ad930e5478f2435364bc6e7805d90e09c91647824b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12342
pragma: public
last-modified: Sat, 08 Feb 2020 15:29:54 GMT
server: cloudflare
etag: "5e3ed3f2-3036"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cvwkt6gtFfjgRYx%2FeECtesnay7KofDh2S44%2B7MPMdl4sBl%2BXV%2BZvhQBToi73KQQPbU8mE%2Bt4Za9%2BHhlU50iB6LKfUIjxNn3NLO2UzZdW%2FtK7zmb%2BSaArUp8SFgbs2XhBhdGYDJcSSa6%2FgYAhf%2B8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db8b2f634bc6-BUF
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 xem-cau-lo-240x168.jpg
win2888xsmb.top/wp-content/uploads/2020/02/ 12 KB
13 KB 498ms
495ms Image
image/jpeg 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2020/02/xem-cau-lo-240x168.jpg
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e456570612ad18b7c62bc69672a36d14cbed8f08482d50924bef9fd3cdf08f0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12371
pragma: public
last-modified: Sat, 08 Feb 2020 15:30:14 GMT
server: cloudflare
etag: "5e3ed406-3053"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fMMPnZ8oCZ4o61aLKleC47IrDmPZawAVx7mWmhezqYLgXKEtYzHmbgtehqWo0qZr3a2rVKtd72Rdf4wDBBhrx9arw6zlxGfKjVEILt6fw7UhibjD2UMk9DLLfUTf7p1oIf7g0GUPWajCYQm5Oys%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db8b2f644bc6-BUF
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 soi-kep-mb-240x180.jpg
win2888xsmb.top/wp-content/uploads/2020/02/ 12 KB
12 KB 564ms
562ms Image
image/jpeg 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2020/02/soi-kep-mb-240x180.jpg
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f90fe2e4b61536dc1d312c36aadbfdc22154208686e4ebcd00ef8c3a40fae34d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11786
pragma: public
last-modified: Sat, 08 Feb 2020 15:29:43 GMT
server: cloudflare
etag: "5e3ed3e7-2e0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DOTGk4WRaHF%2FkPxSTyipuHHA4HwcDCGOCZ8trD4TtAmG9xpJzOtqKk2URQVqZq6mK%2BJbiZmMRU8lvp7iufCsNHWW90SXGqjRjGEIL%2BAmoSWKshCPHa7iM85jPBwMsdzKcvcds8re1XD%2B148av5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db8b2f664bc6-BUF
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 soi-cau-ngoc-trinh-240x180.jpg
win2888xsmb.top/wp-content/uploads/2020/02/ 16 KB
16 KB 816ms
814ms Image
image/jpeg 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2020/02/soi-cau-ngoc-trinh-240x180.jpg
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: af7c1063aea32d0806a803ca06a53cfff241e8749a2c0faee0892d854c0ab00d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 15996
pragma: public
last-modified: Sat, 08 Feb 2020 15:29:27 GMT
server: cloudflare
etag: "5e3ed3d7-3e7c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFfR%2FUW1S1LcJ9LmCmOrqIhBFdzKKC3jOgHrI3jk65%2FaTgSkxAoNb1v024lqUljEZwAovG0aR2P%2BUBbER3EdTYx22YOWNtmlSbnlzcx0V8tzt2%2FiNbQ9%2FHItuTlwHzNpydbPOM1%2FOWxEAC9azkY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db8b2f674bc6-BUF
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 soi-cau-de-mb-240x180.png
win2888xsmb.top/wp-content/uploads/2020/02/ 57 KB
58 KB 1075ms
1073ms Image
image/png 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2020/02/soi-cau-de-mb-240x180.png
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70626ffe05cf71e9255d71bb9a053ea18503c6d95f57a69e0a6c6015cd1e9b4b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 58738
pragma: public
last-modified: Sat, 08 Feb 2020 15:29:04 GMT
server: cloudflare
etag: "5e3ed3c0-e572"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zdVy54weB0P8Hmyfr0Aagpq9uUqWTys0z9fioHH9U2a9q1MO7Fa1V45XS3FH2V5feuDv90Nv4Lafkpt3S1muJpj4pOO31LJIOnNIqZN3muIP5gOh%2BUBQJ9zEunW0bzVG1dsrD29sodI5fgySv8o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db8b2f684bc6-BUF
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 3-c%C3%A0ng-240x180.gif
win2888xsmb.top/wp-content/uploads/2020/02/ 31 KB
32 KB 1057ms
1056ms Image
image/gif 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2020/02/3-c%C3%A0ng-240x180.gif
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 636969d766ff77384ac92f1fb8258325e229e1fe639a9774ba561f466076037e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 32245
pragma: public
last-modified: Sat, 08 Feb 2020 15:25:28 GMT
server: cloudflare
etag: "5e3ed2e8-7df5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1HMz%2Fc0vlkBx2l6KnAqKDO%2BKn2icEXRPmn7KmgVk66AqYME9cvDOLavx511mLGJH8PmYAIsPE6Anec5mSv%2Bil86trFL1MBN87ekyVoD3mAUuUSdaJ6eL9LTrMfLpJHaaLbdsS7SGBHiI4aq41K0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db8b2f694bc6-BUF
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 bach-thu-lo-kep-2-240x180.jpg
win2888xsmb.top/wp-content/uploads/2020/02/ 11 KB
12 KB 630ms
628ms Image
image/jpeg 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2020/02/bach-thu-lo-kep-2-240x180.jpg
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ab5534893fdad8eb491fb1ce0c467b94d1338d9ac7b0e2f5bb82f41b023cb92

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 11402
pragma: public
last-modified: Sat, 08 Feb 2020 15:25:39 GMT
server: cloudflare
etag: "5e3ed2f3-2c8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9stw0DMEAUp38hJPgP5Vvz9dwyvMaB%2BE2iPVTNHBbDujqpyp%2F36qk3ml15%2F7fHfYLz9dbqFsa%2FhL4CR3BoMbvO%2FXX4Pvhj91Dt6eF5jSoNMllbz0ugU5JmQg%2FsT0TW%2B7Gs7oFpafc%2F9SACIS9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db8b2f6a4bc6-BUF
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 btl1-300x169.jpg
win2888xsmb.top/wp-content/uploads/2017/10/ 12 KB
13 KB 526ms
525ms Image
image/jpeg 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2017/10/btl1-300x169.jpg
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab64138ec18b6480319e7a05003ebb3118c1b805909c2e1f7b272d80fc4e67e2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 12477
pragma: public
last-modified: Sat, 07 Oct 2017 05:52:30 GMT
server: cloudflare
etag: "59d86b9e-30bd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VH5EBlbFnBQ6vjBI%2BiM7Kx2Mr59A75A0qy7q%2BMyMMus7GUz%2B2Mc0bKgGg4nfVO41V8dMRC0WhOqn9UviehKkdH7LIKUYftN5kbuDigJCRyOEAM%2F8zqjWLhKJq5w2OeT5y8doAlD84opIu8AGT6o%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db8b2f6b4bc6-BUF
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 du-doan-xsmb-hinh-anh-1_3012105216-300x86.png
win2888xsmb.top/wp-content/uploads/2018/08/ 41 KB
42 KB 1087ms
1086ms Image
image/png 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2018/08/du-doan-xsmb-hinh-anh-1_3012105216-300x86.png
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f66e60b0847e3e093ff135cbecedbcb908fb68e3b6d55c3985a2faa729cac0c0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 42473
pragma: public
last-modified: Tue, 07 Aug 2018 08:46:42 GMT
server: cloudflare
etag: "5b695c72-a5e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UvtwgTCH2QyKACxa9oL75BDP3DOk3DhUb9FJA%2FN5%2FB%2FAsoeENUzliBoDn%2Bl%2BDzR%2F%2FTiWVXoHxRnfYl1HnwqNy1Vp0UVws1jbg19fG9xcNiXh6b8QLJPXcGQt4f1cB%2Bamyt2ZziSog15IRDk0egw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db8b2f6c4bc6-BUF
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 5.png
win2888xsmb.top/wp-content/uploads/2018/08/ 118 KB
118 KB 1096ms
1095ms Image
image/png 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2018/08/5.png
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6b224cc8e09dc370bbd52f137c3304ef2b4130cb6e7a97e92a09e9bd5848710c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 120722
pragma: public
last-modified: Tue, 07 Aug 2018 08:45:40 GMT
server: cloudflare
etag: "5b695c34-1d792"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L30w5hjd2P87M0vlhB3BInp1yBHhMuOuxpTL9p0%2BlB6JZMlPTarCOy613DtGaqNRjlu93YpRhszVPEuw0JQrydIM2rGH%2Bj3CPSOHisMrOaIVWjrk9E3E0B3aSswgpwUwWRK%2BNSFomTtVRnYLJN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db8b2f6d4bc6-BUF
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 vip2.gif
win2888xsmb.top/wp-content/uploads/2017/09/ 3 KB
3 KB 559ms
558ms Image
image/gif 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://win2888xsmb.top/wp-content/uploads/2017/09/vip2.gif
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e83d2a2e66ac174c1a6ea197770eac09bf6a7e6568d96ddf3c18d031b52541a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 2952
pragma: public
last-modified: Tue, 17 Apr 2018 03:29:08 GMT
server: cloudflare
etag: "5ad56a04-b88"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pBzV5uMi8stbwF%2FqlT1Sn%2Bjxm5wavOo2XA2ysJ5IIteVei%2FfoRfdX9kLKEE4bRaJMtwa98fY8hyGEYa21k61fMGXlcRYGanpM8X%2BEOBsqESMiWyC%2BJ5KB47QYwZHYuhWkVO%2BH6JwwBsV72psGNk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 8501db8b2f6e4bc6-BUF
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 f8vam.js Show response
win2888xsmb.top/wp-content/cache/wpfc-minified/2p8abx11/ 104 KB
38 KB 737ms
734ms Script
application/javascript 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://win2888xsmb.top/wp-content/cache/wpfc-minified/2p8abx11/f8vam.js
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60fc7c4b5d7aa9baaa63b18ae3e1e1679721bf2bbfc1f275135a8810f9fcdd84

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: public
date: Sun, 04 Feb 2024 09:23:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 15:23:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bbb782-1a0f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RwGj1FDqmlhfJrLDAIT6%2B8GiI9p1Rfpt6dfK3pWvgixqOCLUws1JjMnYgDBE45Kv842xYZh%2BwySpRxmjthCHhzVfxYzqSeYBz1QuVOcNhvf1hEALK%2BKopjdsgbYmD1DkMx83zumM3qrYFvIt8jA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8501db8b2f654bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 f8vam.js Show response
win2888xsmb.top/wp-content/cache/wpfc-minified/mnojuqih/ 4 KB
2 KB 553ms
552ms Script
application/javascript 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://win2888xsmb.top/wp-content/cache/wpfc-minified/mnojuqih/f8vam.js
Requested by: Host: win2888xsmb.top
URL: https://win2888xsmb.top/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b546581e5556666c8d7fa5ad5fb9a73249dc5e56c99d0f331ace299b2019b6a1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: public
date: Sun, 04 Feb 2024 09:23:55 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 01 Feb 2024 15:23:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"65bbb782-103b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WCz85IciMPyS7Rvj%2FNkFyYaadb6DL2nqz3f7z8%2FHFbtVXFX7DHu0VDyNDrDumXsHWQzmp6K3eZ0V%2BuyGKOE3OfQHEYlCiXYVn8%2FBA610N0F06J%2F1uU%2FD564LVWUkDZ2fybVA73Ow%2BGSw1eyNu2I%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 8501db8b2f6f4bc6-BUF
alt-svc: h3=":443"; ma=86400
expires: Tue, 05 Mar 2024 09:23:55 GMT

GET
H3 200 fontawesome-webfont.woff2
win2888xsmb.top/wp-content/themes/viomag/css/font-awesome-4.7.0/fonts/ 75 KB
76 KB 953ms
953ms Font
font/woff2 2606:4700:3037::6815:2d5c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://win2888xsmb.top/wp-content/themes/viomag/css/font-awesome-4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: win2888xsmb.top
URL: https://win2888xsmb.top/wp-content/cache/wpfc-minified/rphgx72/f8vam.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3037::6815:2d5c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://win2888xsmb.top/wp-content/cache/wpfc-minified/rphgx72/f8vam.css
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
x-content-type-options: nosniff
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 77160
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Aug 2018 08:24:00 GMT
server: cloudflare
etag: "5b695720-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nyYP%2Fiz44s3x32PidxKWJW75Q%2Bhv3lC2O8xcxQZOVlPlGbIiXjlOs0QP9uI%2FBKNFt6dZvmwGfmSiB3q47Dc0W6j3lDihq7cWDk%2BY5yp0QREpumJMp5Xb7r0wsUS3UhQ4GXz0kd2%2BFpCnPIi1I6c%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8501db8b8fa44bc6-BUF

GET
DATA 200
OK truncated
/ 25 KB
25 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d02f66b2c4e26b3ba063c199ce126f434a81fc3f8746149a0955ea778fe5e853

Request headers

Referer
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 190 KB
68 KB 48ms
47ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-157512640-21&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H67RC2Z0T2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

147a6d0f0c9a5865d1b99c3af1af337d98032ba897f50d76a28d48531def23e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 69994
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Feb 2024 09:23:55 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 244 KB
85 KB 50ms
49ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-L85EFQFMX7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H67RC2Z0T2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5dbfd40544ddc2fff198862ea39d3c3550040624968b4fc0e03c06676076cfee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86442
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Feb 2024 09:23:55 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
254 B 313ms
47ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-H67RC2Z0T2&gtm=45je41v0v870375657za200&_p=1707038634731&gcd=11l1l1l1l1&npa=0&dma=0&cid=1167625411.1707038635&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707038635&sct=1&seg=0&dl=https%3A%2F%2Fwin2888xsmb.top%2F&dt=soicau%20xsmb%20chinh%20xac%20-%20soi%20cau%203%20mien%20hom%20nay%20-%20soicau%20xsmb%20chinh%20xac%20-%20soi%20cau%203%20mien%20hom%20nay&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=2478
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-H67RC2Z0T2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:23:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win2888xsmb.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 227 KB
80 KB 49ms
49ms Script
application/javascript 2607:f8b0:4006:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XYQ5GYKHXF&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157512640-21&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f79015a3cf327252bc3d529df864a1ee527d12cfcbd0ccae9f1a074e39850e48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 82110
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 04 Feb 2024 09:23:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
28ms Script
text/javascript 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-157512640-21&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 04 Feb 2024 08:06:18 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 4657
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 04 Feb 2024 10:06:18 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
54 B 39ms
38ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-L85EFQFMX7&gtm=45je41v0v877997086z8870375657za200&_p=1707038634731&gcd=11l1l1l1l1&npa=0&dma=0&cid=1167625411.1707038635&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1707038635&sct=1&seg=0&dl=https%3A%2F%2Fwin2888xsmb.top%2F&dt=soicau%20xsmb%20chinh%20xac%20-%20soi%20cau%203%20mien%20hom%20nay%20-%20soicau%20xsmb%20chinh%20xac%20-%20soi%20cau%203%20mien%20hom%20nay&en=page_view&_fv=1&_ss=1&tfd=2816
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L85EFQFMX7&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:23:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win2888xsmb.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default Show response
embed.tawk.to/59da3f3cc28eca75e4624cb5/ 2 KB
920 B 157ms
88ms Script
application/x-javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/59da3f3cc28eca75e4624cb5/default

Requested by

Host: win2888xsmb.top
URL: https://win2888xsmb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bc8ddd40d5e0d9cdd3e7a5da14e15c31e9a320bb70e1413ddb8a9a1cda9ca16b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win2888xsmb.top/
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:55 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
server: cloudflare
etag: W/"stable-v4-65839862293"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
cf-ray: 8501db907db74bd2-BUF
alt-svc: h3=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 38ms
37ms XHR
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1284564374&t=pageview&_s=1&dl=https%3A%2F%2Fwin2888xsmb.top%2F&ul=en-us&de=UTF-8&dt=soicau%20xsmb%20chinh%20xac%20-%20soi%20cau%203%20mien%20hom%20nay%20-%20soicau%20xsmb%20chinh%20xac%20-%20soi%20cau%203%20mien%20hom%20nay&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=787288734&gjid=2113233726&cid=1167625411.1707038635&tid=UA-157512640-21&_gid=739715005.1707038636&_r=1&gtm=457e41v0z8870375657za200&gcd=11l1l1l1l1&dma=0&jsscut=1&z=823526026

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://win2888xsmb.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:23:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win2888xsmb.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 22 KB
2 KB 100ms
41ms Stylesheet
text/css 2607:f8b0:4006:822::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext

Requested by

Host: win2888xsmb.top
URL: https://win2888xsmb.top/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

63668c9bb00822945d952730dad2b6dca3a9a35d608b3329bfde34706cc38d0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 04 Feb 2024 09:23:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 04 Feb 2024 09:04:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 04 Feb 2024 09:23:55 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 41ms
40ms Ping
text/plain 2607:f8b0:4006:823::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-XYQ5GYKHXF&gtm=45je41v0v9119058129za200&_p=1707038634731&gcd=11l1l1l1l1&npa=0&dma=0&cid=1167625411.1707038635&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1707038635&sct=1&seg=0&dl=https%3A%2F%2Fwin2888xsmb.top%2F&dt=soicau%20xsmb%20chinh%20xac%20-%20soi%20cau%203%20mien%20hom%20nay%20-%20soicau%20xsmb%20chinh%20xac%20-%20soi%20cau%203%20mien%20hom%20nay&en=page_view&_fv=1&_ss=1&tfd=2912
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XYQ5GYKHXF&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:823::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 04 Feb 2024 09:23:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://win2888xsmb.top
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 93ms
26ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:34:03 GMT
x-content-type-options: nosniff
age: 258592
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:34:03 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 35 KB
35 KB 129ms
62ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:21:46 GMT
x-content-type-options: nosniff
age: 259329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35328
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:00:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:21:46 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2
fonts.gstatic.com/s/opensans/v40/ 16 KB
16 KB 143ms
76ms Font
font/woff2 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSCmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Thu, 01 Feb 2024 09:30:23 GMT
x-content-type-options: nosniff
age: 258812
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16552
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 31 Jan 2025 09:30:23 GMT

GET
H2 200 twk-main.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 121 B
286 B 84ms
81ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-main.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/59da3f3cc28eca75e4624cb5/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win2888xsmb.top/
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"da5bb1dc647470204df0e49f5afac2de"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9389e74bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-vendor.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 81 KB
29 KB 131ms
129ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-vendor.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/59da3f3cc28eca75e4624cb5/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win2888xsmb.top/
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"ce3014b09c6dfbd6f92bc585fd840580"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9389eb4bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-vendors.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 212 KB
62 KB 181ms
179ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/59da3f3cc28eca75e4624cb5/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win2888xsmb.top/
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"86b32a04921a039ace69980bacd1b639"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9389f04bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-chunk-common.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 219 KB
43 KB 210ms
208ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/59da3f3cc28eca75e4624cb5/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win2888xsmb.top/
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"7cb04588da7fac9195cf9fcf0a9cd695"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9389f44bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-runtime.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 2 KB
1 KB 86ms
84ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/59da3f3cc28eca75e4624cb5/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win2888xsmb.top/
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"8a62145a771f178a2f2776bd2b72d0d5"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9399f84bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 twk-app.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 151 B
206 B 84ms
83ms Script
application/javascript 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-app.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/59da3f3cc28eca75e4624cb5/default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win2888xsmb.top/
Origin: https://win2888xsmb.top
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
content-encoding: br
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9399fc4bd2-BUF
alt-svc: h3=":443"; ma=86400

GET
H2 200 widget-settings Show response
va.tawk.to/v1/ 2 KB
1 KB 893ms
886ms Fetch
application/json 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/widget-settings?propertyId=59da3f3cc28eca75e4624cb5&widgetId=default&sv=null

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

674284496c963491642d8a314c2755ce6bdcc7306147b1fc0057190492223096

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-vmk6
server: cloudflare
etag: W/"2-22-0"
vary: Accept-Encoding
access-control-allow-methods: GET,OPTIONS
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=1800
cf-ray: 8501db958d614bd2-BUF
access-control-allow-headers: content-type,x-tawk-token

POST
H3 200 start Show response
va.tawk.to/v1/session/ 1 KB
1 KB 190ms
156ms Fetch
application/json 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

37915b52d1eee947f1f8c6f74057d940691141ddae4a2e446b50efc72edf56d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win2888xsmb.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 04 Feb 2024 09:23:56 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: application/json
access-control-allow-origin: https://win2888xsmb.top
access-control-allow-credentials: true
cf-ray: 8501db97fbe04bbb-BUF
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-lp8w

OPTIONS
H2 200 start
va.tawk.to/v1/session/ Frame 0
0 346ms
346ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/v1/session/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://win2888xsmb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://win2888xsmb.top
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8501db959d664bd2-BUF
date: Sun, 04 Feb 2024 09:23:56 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-5cvc

GET
H3 200 vi.js Show response
embed.tawk.to/_s/v4/app/65839862293/languages/ 18 KB
5 KB 40ms
40ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/languages/vi.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9efe3efc34aabc064b3fbe827aa17f064aa3bacb4ce1c326d7b20dde81c5f286

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1303796
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"d81fc1e3435374600ca4e2b12286a82b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9b1e0b4bbb-BUF

GET
H3 200 twk-chunk-2c776523.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 10 KB
3 KB 68ms
67ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1305824
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"70aec2dd89cac4933594c25b71d61f46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9b6e654bbb-BUF

GET
H3 200 twk-chunk-9294da6c.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 18 KB
5 KB 39ms
39ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-9294da6c.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1305824
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"398211e86ba1f74c4421bde7a06fc780"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9b6e694bbb-BUF

GET
H3 200 twk-chunk-2d0b383d.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 699 B
676 B 37ms
37ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b383d.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1305823
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"838903127a65ec440893b4945c40ca4a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9b6e6c4bbb-BUF

GET
H3 200 twk-chunk-48f3b594.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 19 KB
6 KB 40ms
39ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-48f3b594.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1305823
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"d1392466f248728bc183c96015db868c"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9b6e714bbb-BUF

GET
H3 200 twk-chunk-4fe9d5dd.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 906 B
662 B 68ms
67ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-4fe9d5dd.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1305823
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"1c5ecf371149feca23bd895ba9dfec4d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9b6e734bbb-BUF

GET
H3 200 twk-chunk-2d0b9454.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 535 B
574 B 39ms
38ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2d0b9454.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1305823
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"c506281367048d4a134c9affbc68c8c6"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9b6e764bbb-BUF

GET
H3 200 twk-chunk-24d8db78.js Show response
embed.tawk.to/_s/v4/app/65839862293/js/ 110 KB
24 KB 68ms
67ms Script
application/javascript 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-24d8db78.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-runtime.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1305823
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 21 Dec 2023 01:45:14 GMT
server: cloudflare
etag: W/"1eaf1603955ff543fb810fe5edc51e58"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9b6e784bbb-BUF

GET
H3 200 min-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 0186 24 KB
5 KB 39ms
38ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/min-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1305823
cf-polished: origSize=24831
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"5742a34aaab2a5983c7c11cdeef1c0ee"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9c3f0a4bbb-BUF

GET
H3 200 message-preview.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 53E3 40 KB
8 KB 41ms
40ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/message-preview.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1305822
cf-polished: origSize=40832
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"cf4a08d496f49489af30571e3cbb48f3"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9c4f294bbb-BUF

GET
H3 200 max-widget.css
embed.tawk.to/_s/v4/app/65839862293/css/ Frame 38A1 76 KB
15 KB 47ms
46ms Stylesheet
text/css 2606:4700:10::6816:1983
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://embed.tawk.to/_s/v4/app/65839862293/css/max-widget.css

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-2c776523.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1983 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

date: Sun, 04 Feb 2024 09:23:57 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 1305822
cf-polished: origSize=78180
x-cache-status: HIT
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 21 Dec 2023 01:45:13 GMT
server: cloudflare
etag: W/"0ab357443b798b4a1db6c4f22b1590f4"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
cf-ray: 8501db9c8f564bbb-BUF

GET
H2 200 emojione.min.js Show response
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ 295 KB
41 KB 95ms
28ms Script
application/javascript 2a04:4e42:400::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/emojione/2.2.7/lib/js/emojione.min.js

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-vendors.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:400::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://win2888xsmb.top/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Sun, 04 Feb 2024 09:23:57 GMT
age: 2587290
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 41275
x-served-by: cache-fra-eddf8230136-FRA, cache-nyc-kteb1890025-NYC
etag: W/"49dda-cp9vjKV4fYl0Ow7X6yf9dkBr+YU"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H3 200 v3
va.tawk.to/log-performance/ Frame 0
0 275ms
275ms Preflight 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://win2888xsmb.top
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-tawk-token
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://win2888xsmb.top
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8501db9d6d904bd3-BUF
date: Sun, 04 Feb 2024 09:23:57 GMT
server: cloudflare
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
x-served-by: visitor-application-preemptive-5cvc

POST
H3 200 v3 Show response
va.tawk.to/log-performance/ 5 B
261 B 522ms
522ms Fetch
text/html 2606:4700:10::6816:1883
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://va.tawk.to/log-performance/v3

Requested by

Host: embed.tawk.to
URL: https://embed.tawk.to/_s/v4/app/65839862293/js/twk-chunk-common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:1883 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://win2888xsmb.top/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Sun, 04 Feb 2024 09:23:58 GMT
strict-transport-security: max-age=0; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: br
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST,OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://win2888xsmb.top
access-control-allow-credentials: true
cf-ray: 8501db9f284a4bd3-BUF
access-control-allow-headers: content-type,x-tawk-token
alt-svc: h3=":443"; ma=86400
x-served-by: visitor-application-preemptive-gb7x

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.win2888xsmb.top/	1970-01-21 03:46:38	Name: _ga_H67RC2Z0T2 Value: GS1.1.1707038635.1.0.1707038635.0.0.0
.win2888xsmb.top/	1970-01-21 03:46:38	Name: _ga_L85EFQFMX7 Value: GS1.1.1707038635.1.0.1707038635.0.0.0
.win2888xsmb.top/	1970-01-20 18:12:05	Name: _gid Value: GA1.2.739715005.1707038636
.win2888xsmb.top/	1970-01-20 18:10:38	Name: _gat_gtag_UA_157512640_21 Value: 1
.win2888xsmb.top/	1970-01-21 03:46:38	Name: _ga_XYQ5GYKHXF Value: GS1.1.1707038635.1.0.1707038635.0.0.0
.win2888xsmb.top/	1970-01-21 03:46:38	Name: _ga Value: GA1.1.1167625411.1707038635
win2888xsmb.top/	1969-12-31 23:59:59	Name: twk_idm_key Value: ykxpydIn5NGgcPmKaCDIG
win2888xsmb.top/	1969-12-31 23:59:59	Name: TawkConnectionTime Value: 0
.win2888xsmb.top/	1970-01-20 22:29:50	Name: twk_uuid_59da3f3cc28eca75e4624cb5 Value: %7B%22uuid%22%3A%221.Wruf1hm6oh6lATxnygOoeMMXlyNw4bXkYCb4sgntvsmOBFmcvROo0lx3hlsUGNz3gGW3svmQ6lo3GqrqdSigB9Eigor5HihJKdnqOGBh3QUnFI5AFVOSgp4Jj%22%2C%22version%22%3A3%2C%22domain%22%3A%22win2888xsmb.top%22%2C%22ts%22%3A1707038637329%7D

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bachthude3mien.com
cdn.jsdelivr.net
embed.tawk.to
fonts.googleapis.com
fonts.gstatic.com
va.tawk.to
win2888xsmb.top
www.google-analytics.com
www.googletagmanager.com
104.21.45.92
2606:4700:10::6816:1883
2606:4700:10::6816:1983
2606:4700:3036::6815:1f6a
2606:4700:3037::6815:2d5c
2607:f8b0:4006:817::2003
2607:f8b0:4006:817::2008
2607:f8b0:4006:822::200a
2607:f8b0:4006:823::200e
2a04:4e42:400::485
029227b15301f02d5b7f37ad930e5478f2435364bc6e7805d90e09c91647824b
0db3a997bf0303354210ecb224dc7b4bb1f81d34aa95fd06cdf13498c265339d
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
147a6d0f0c9a5865d1b99c3af1af337d98032ba897f50d76a28d48531def23e9
171130288b9912be9b602fe27afeed79e4ecdf6ea7997ce8c97b0d5f5aba2359
221f1816ebb7a87ef915cd7a2e091cb0a14082b7ac494039d4e28d29ce384e83
252458ca95d1b4ebb463113ddaf8be2331453431243c0ef8196eef04da4dcf1d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b5b9f68ace12b789b1371204754547021dcbf3e9df630e7e22b49ee56e05b8c
35e5eea83f2e5f2bad1213aa4b4aef30a380720e35c1821f19bc894f8e61e406
37915b52d1eee947f1f8c6f74057d940691141ddae4a2e446b50efc72edf56d1
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3cf45afb3ec3a4a0faf48c3a2f73786c362f53c0c0603bc4e264eb57711ff847
55e274a22a39ef488b093a887ca95430046d5d6f5e65e83418be15498a5a69a5
5dbfd40544ddc2fff198862ea39d3c3550040624968b4fc0e03c06676076cfee
5e75198596addf113c64dc068c38a27c3051aaec21fac9fbbf818547b2b7cd12
60fc7c4b5d7aa9baaa63b18ae3e1e1679721bf2bbfc1f275135a8810f9fcdd84
63668c9bb00822945d952730dad2b6dca3a9a35d608b3329bfde34706cc38d0e
636969d766ff77384ac92f1fb8258325e229e1fe639a9774ba561f466076037e
674284496c963491642d8a314c2755ce6bdcc7306147b1fc0057190492223096
6b224cc8e09dc370bbd52f137c3304ef2b4130cb6e7a97e92a09e9bd5848710c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
70626ffe05cf71e9255d71bb9a053ea18503c6d95f57a69e0a6c6015cd1e9b4b
799596c2833003b4bd92b1454ba52de29fb4fd07edb07648d64e567b0d293f85
7bd9666b0959d868276da481746b74e6a76fbc19f7957e528b8fb022367980bc
7e0a886153a50f34adeb6d141b542d08a6338c5e3bada9fc3ccf88d0580356df
7e83d2a2e66ac174c1a6ea197770eac09bf6a7e6568d96ddf3c18d031b52541a
89f08c4a66c9a737c6155b8313e87b36687fe65bfc9a1ba1783aeace487bcde3
8e456570612ad18b7c62bc69672a36d14cbed8f08482d50924bef9fd3cdf08f0
916c13b184fbc42c59463a47bf90611461bec9e17a10a37def3c751ade00dced
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
9ab5534893fdad8eb491fb1ce0c467b94d1338d9ac7b0e2f5bb82f41b023cb92
9efe3efc34aabc064b3fbe827aa17f064aa3bacb4ce1c326d7b20dde81c5f286
9f13502106664043ae3891d6e9adeae90858679295c98472d131eab8095f1745
ab64138ec18b6480319e7a05003ebb3118c1b805909c2e1f7b272d80fc4e67e2
adfa45260a1306cb5fefc1f17c1b5e7b61135534a82bf1b8e3d0540af7e07e3b
af7c1063aea32d0806a803ca06a53cfff241e8749a2c0faee0892d854c0ab00d
b546581e5556666c8d7fa5ad5fb9a73249dc5e56c99d0f331ace299b2019b6a1
bc8ddd40d5e0d9cdd3e7a5da14e15c31e9a320bb70e1413ddb8a9a1cda9ca16b
cd50385cef163eb376d93e7b1e07fe467de23b60c98373f7d69448214d3e9cdd
d02f66b2c4e26b3ba063c199ce126f434a81fc3f8746149a0955ea778fe5e853
d1c84ac049e364cfa55a84b2e3039d22988fb0ad8b85721a6e196d0803f8248f
da73c4153b75cfd35b659ca8ce4b8f72961aa70134b4eb9da026454df2c0d9c3
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea2c7fe5b9f379bd51bc7a9d6016ddc2f445164a3dd5738a319fbcc23402fa1d
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f66e60b0847e3e093ff135cbecedbcb908fb68e3b6d55c3985a2faa729cac0c0
f79015a3cf327252bc3d529df864a1ee527d12cfcbd0ccae9f1a074e39850e48
f90fe2e4b61536dc1d312c36aadbfdc22154208686e4ebcd00ef8c3a40fae34d
fa97f59ff3cf632b16bebe024f870350d0f55ea135843e9531e73fd3063a925a
fb193c2bcf1a14030cea8d72baa20ab7b1cf88f9e90adb31895279beedf6bf84
fcd1fa4d2007137da13dd581c678acfda42358cbdbda0f0204874fbe2e2c4663

win2888xsmb.top Open in urlscan Pro 104.21.45.92 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

57 Requests

100 %HTTPS

90 %IPv6

8 Domains

9 Subdomains

11 IPs

2 Countries

1420 kBTransfer

3464 kBSize

9 Cookies

24 Outgoing links

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

win2888xsmb.top Open in urlscan Pro
104.21.45.92 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

100 %
HTTPS

90 %
IPv6

8
Domains

9
Subdomains

11
IPs

2
Countries

1420 kB
Transfer

3464 kB
Size

9
Cookies

57 HTTP transactions
1 data transactions