urlscan.io logo urlscan.io
SecurityTrails logo

dewi368.mstenergy.xyz Open in urlscan Pro
172.67.172.48  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot
Effective URL: https://dewi368.mstenergy.xyz/
Submission Tags: @phish_report
Submission: On June 09 via api from FI — Scanned from FI
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 17 IPs in 6 countries across 16 domains to perform 92 HTTP transactions. The main IP is 172.67.172.48, located in United States and belongs to CLOUDFLARENET, US. The main domain is dewi368.mstenergy.xyz.
TLS certificate: Issued by E1 on May 17th 2024. Valid for: 3 months.
This is the only time dewi368.mstenergy.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 161.9.151.82 8456 (ASBOUN)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
6 172.67.172.48 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
5 10 199.232.192.193 54113 (FASTLY)
1 104.21.235.70 13335 (CLOUDFLAR...)
41 154.83.2.16 209242 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f08... 32934 (FACEBOOK)
4 43.152.26.64 139341 (ACE-AS-AP...)
2 172.67.69.226 13335 (CLOUDFLAR...)
1 157.240.252.13 32934 (FACEBOOK)
4 2a03:2880:f17... 32934 (FACEBOOK)
5 2a02:26f0:480... 20940 (AKAMAI-ASN1)
5 195.138.255.18 201011 (CORE-BACK...)
2 195.138.255.24 201011 (CORE-BACK...)
92 17
2    161.9.151.82 (Turkey)

ASN8456 (ASBOUN, TR)
bumatek.boun.edu.tr
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
a.pokebob.online
1    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
direct.clothesfashion.online
6    172.67.172.48 (United States)

ASN13335 (CLOUDFLARENET, US)
dewi368.mstenergy.xyz
3    2a00:1450:4001:81d::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
10    199.232.192.193 (United States)

ASN54113 (FASTLY, US)
i.imgur.com
1    104.21.235.70 (None, )

ASN13335 (CLOUDFLARENET, US)
iili.io
41    154.83.2.16 (Seychelles)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
cdn.sitestatic.net
files.sitestatic.net
3    2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    43.152.26.64 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)
s1.kwai.net
2    172.67.69.226 (United States)

ASN13335 (CLOUDFLARENET, US)
qris.otomatis.vip
1    157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net
connect.facebook.net
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
5    2a02:26f0:480:9::210:ee16 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ads.mythad.com
5    195.138.255.18 (Germany)

ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE)
ads.mythad.com
2    195.138.255.24 (Germany)

ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE)
logsdk.kwai-pro.com
Apex Domain
Subdomains		 Transfer
41 sitestatic.net
cdn.sitestatic.net — Cisco Umbrella Rank: 26273
files.sitestatic.net — Cisco Umbrella Rank: 28224
3 MB
10 mythad.com
ads.mythad.com — Cisco Umbrella Rank: 30575
4 KB
10 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7256
1 KB
6 mstenergy.xyz
dewi368.mstenergy.xyz
421 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
4 KB
4 kwai.net
s1.kwai.net — Cisco Umbrella Rank: 25410
162 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
76 KB
3 gstatic.com
fonts.gstatic.com
67 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
2 KB
2 kwai-pro.com
logsdk.kwai-pro.com — Cisco Umbrella Rank: 27519
487 B
2 otomatis.vip
qris.otomatis.vip — Cisco Umbrella Rank: 34634
589 B
2 boun.edu.tr
bumatek.boun.edu.tr
683 B
1 iili.io
iili.io — Cisco Umbrella Rank: 37354
642 KB
1 clothesfashion.online
direct.clothesfashion.online
480 B
1 pokebob.online
a.pokebob.online
629 B
0 dewi188os.com Failed
www.dewi188os.com Failed
92 16
Domain Requested by
31 files.sitestatic.net dewi368.mstenergy.xyz
10 ads.mythad.com s1.kwai.net
10 cdn.sitestatic.net dewi368.mstenergy.xyz
10 i.imgur.com 5 redirects dewi368.mstenergy.xyz
6 dewi368.mstenergy.xyz a.pokebob.online
dewi368.mstenergy.xyz
4 www.facebook.com dewi368.mstenergy.xyz
4 s1.kwai.net dewi368.mstenergy.xyz
s1.kwai.net
3 connect.facebook.net dewi368.mstenergy.xyz
connect.facebook.net
3 fonts.gstatic.com fonts.googleapis.com
3 fonts.googleapis.com dewi368.mstenergy.xyz
2 logsdk.kwai-pro.com s1.kwai.net
2 qris.otomatis.vip dewi368.mstenergy.xyz
2 bumatek.boun.edu.tr 1 redirects
1 iili.io dewi368.mstenergy.xyz
1 direct.clothesfashion.online 1 redirects
1 a.pokebob.online bumatek.boun.edu.tr
0 www.dewi188os.com Failed dewi368.mstenergy.xyz
cdn.sitestatic.net
92 17

This site contains links to these domains. Also see Links.

Domain
t.me
s3-ap-southeast-1.amazonaws.com
api.whatsapp.com
Subject Issuer Validity Valid
pokebob.online
E1		 2024-04-25 -
2024-07-24		 3 months crt.sh
mstenergy.xyz
E1		 2024-05-17 -
2024-08-15		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
iili.io
E1		 2024-06-01 -
2024-08-30		 3 months crt.sh
sitestatic.net
Cloudflare Inc ECC CA-3		 2023-12-19 -
2024-12-18		 a year crt.sh
*.gstatic.com
WR2		 2024-05-21 -
2024-08-13		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-03-19 -
2024-06-17		 3 months crt.sh
*.kwai.net
GlobalSign RSA OV SSL CA 2018		 2023-10-26 -
2024-11-26		 a year crt.sh
otomatis.vip
GTS CA 1P5		 2024-04-18 -
2024-07-17		 3 months crt.sh
*.mythad.com
GlobalSign GCC R3 DV TLS CA 2020		 2023-10-23 -
2024-11-23		 a year crt.sh
*.kwai-pro.com
GlobalSign GCC R3 DV TLS CA 2020		 2023-08-10 -
2024-09-10		 a year crt.sh

This page contains 1 frames:

Primary Page: https://dewi368.mstenergy.xyz/
Frame ID: C2245826FA5F55BA1C4DB8CE9CAF9380
Requests: 87 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

dewi368 - Situs Slot Gampang Maxwin Terbaik

Page URL History Show full URLs

  1. http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot HTTP 307
    https://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot HTTP 301
    http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot HTTP 307
    http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot Page URL
  2. https://a.pokebob.online/ Page URL
  3. https://direct.clothesfashion.online/fakevpn/daftar.html HTTP 301
    https://dewi368.mstenergy.xyz/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

92
Requests

87 %
HTTPS

35 %
IPv6

16
Domains

17
Subdomains

17
IPs

6
Countries

4681 kB
Transfer

6261 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot HTTP 307
    https://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot HTTP 301
    http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot HTTP 307
    http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot Page URL
  2. https://a.pokebob.online/ Page URL
  3. https://direct.clothesfashion.online/fakevpn/daftar.html HTTP 301
    https://dewi368.mstenergy.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot HTTP 307
  • https://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot HTTP 301
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot HTTP 307
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot
Request Chain 3
  • https://i.imgur.com/dXa3HlG.gif HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 5
  • https://i.imgur.com/BfVw5nG.gif HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 6
  • https://i.imgur.com/TlmTWQm.gif HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 7
  • https://i.imgur.com/X4wgTCO.gif HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 23
  • https://i.imgur.com/UWeWqPV.gif HTTP 302
  • https://i.imgur.com/removed.png

92 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
Redirect Chain
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot
  • https://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot
102 B
276 B 		Document
General
Check archive.org
Download Go to
Full URL
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot
Protocol
HTTP/1.1
Server
161.9.151.82 , Turkey, ASN8456 (ASBOUN, TR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
102
Content-Type
text/html
Date
Sun, 09 Jun 2024 15:56:46 GMT
Keep-Alive
timeout=5, max=100
Server
Apache

Redirect headers

Location
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot
Non-Authoritative-Reason
HttpsUpgrades
/
a.pokebob.online/ 		271 B
629 B 		Document
General
Check archive.org
Download Go to
Full URL
https://a.pokebob.online/
Requested by
Host: bumatek.boun.edu.tr
URL: http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=gmtslot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
http://bumatek.boun.edu.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8912504648465a90-VIE
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 09 Jun 2024 15:56:48 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9nXOq6F7rfLoHgaSfMAQCnirQYei6G8QVpoDHMH%2F2nIrp%2FzXlZk8%2BZo%2BRS7zZ7iVCPNA8DvgzDRZ0E6b3lddqdZd8W4xby26OEXqb26LtH1UN8JRFK80owOLAxVfuawoDb8Jkz4%2FZ4gU9QJyTSo0"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
Primary Request /
dewi368.mstenergy.xyz/
Redirect Chain
  • https://direct.clothesfashion.online/fakevpn/daftar.html
  • https://dewi368.mstenergy.xyz/
311 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dewi368.mstenergy.xyz/
Requested by
Host: a.pokebob.online
URL: https://a.pokebob.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd16aaf65d7bddfcf11f1834de29f3c40229eb31fe650a4101be6d30a07c5126

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://a.pokebob.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89125055e8ff2bc1-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 09 Jun 2024 15:56:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNIlQ7KVeSPMgVr%2FBy04zs8pjgj3RQXk3QoTKMuVQ3GAOLzKFwWdd3stepquTTRXUSUsCaZpruoNgPGEkUvyrRI9hhqHqhWrDk0DvuFV9lndjku14fcZ0wcun00OBFsIkvBzLrKfKl0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
891250517bcb1973-FRA
content-type
text/html; charset=iso-8859-1
date
Sun, 09 Jun 2024 15:56:48 GMT
location
https://dewi368.mstenergy.xyz/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rc2amrDmQsWKpvUnHSaMKJzrWIb%2Fqa%2BT9Cj0MOaEhQImOdP948k1idAbhFk2k6GJYASk3IADotTz7yOh6ElRyJYC12mxSd%2BCVev%2FFTqUEYrAaf9e%2F1URGgczvIinnUljyGr%2BGner3EZik21tvqDv"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/ 		2 KB
981 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Raleway:900&display=swap
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d05e0345406f2d676efda2063643450279a9898463f1be66050ac9ea3786cd03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Jun 2024 15:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 15:52:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Jun 2024 15:56:49 GMT
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/dXa3HlG.gif
  • https://i.imgur.com/removed.png
503 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/removed.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://dewi368.mstenergy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-content-type-options
nosniff
age
5478808
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230024-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1717948610.820639,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 249491

Redirect headers

x-cache-hits
0, 0
date
Sun, 09 Jun 2024 15:56:49 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
0
x-timer
S1717948610.764702,VS0,VE104
x-cache
HIT, MISS
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kjyo7100158-IAD, cache-fra-eddf8230024-FRA
JXbWH7a.gif
iili.io/ 		642 KB
642 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://iili.io/JXbWH7a.gif
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.70 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad37d3fd1d807f2331b403b546b48bd7ddde2bcddd01711d7f163d1c43bcebf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
657144
last-modified
Thu, 21 Mar 2024 12:41:13 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xdPE7ZmWKxiq05KScoOl2PA9m808Z%2BD93ctSPjaBt7RMdB72%2FDLN8q3mLDBD2KpLMwjThGvP473ECgaWSTJeC3Z27N6T3%2FrSqR7RpV8yvVHvT3G5c0NHccZs"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8912505aa89c6921-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/BfVw5nG.gif
  • https://i.imgur.com/removed.png
503 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/removed.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://dewi368.mstenergy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-content-type-options
nosniff
age
5478808
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230024-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1717948610.820639,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 249491

Redirect headers

x-cache-hits
0, 0
date
Sun, 09 Jun 2024 15:56:49 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
0
x-timer
S1717948610.764579,VS0,VE116
x-cache
HIT, MISS
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-eddf8230024-FRA
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/TlmTWQm.gif
  • https://i.imgur.com/removed.png
503 B
726 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/removed.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://dewi368.mstenergy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
5478808
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230024-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1717948610.820639,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 249491

Redirect headers

x-cache-hits
0, 0
date
Sun, 09 Jun 2024 15:56:49 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
329
x-timer
S1717948610.764538,VS0,VE1
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kjyo7100030-IAD, cache-fra-eddf8230024-FRA
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/X4wgTCO.gif
  • https://i.imgur.com/removed.png
503 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/removed.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://dewi368.mstenergy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-content-type-options
nosniff
age
5478808
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230024-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1717948610.820639,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 249491

Redirect headers

x-cache-hits
0, 0
date
Sun, 09 Jun 2024 15:56:49 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
0
x-timer
S1717948610.764854,VS0,VE104
x-cache
HIT, MISS
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kiad7000125-IAD, cache-fra-eddf8230024-FRA
jquery.min.js
cdn.sitestatic.net/assets/jquery/ 		85 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
H1E605QW4EEZZJ3Y
age
378226
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
9znB/SFW3c1FiIGqhYWWT31ikQlpA1FPVTXfNuNeRruwHfHWU+RBvkjJ58VLy+t29JSjeiPrmto=
last-modified
Sat, 29 Jul 2023 05:07:12 GMT
server
cloudflare
etag
W/"a09e13ee94d51c524b7e2a728c7d4039"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8912505aecab82b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
bootstrap.min.js
cdn.sitestatic.net/assets/bootstrap/ 		39 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sitestatic.net/assets/bootstrap/bootstrap.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
V4Y08PE6718S6GV5
age
115407
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
g42vGbsTVWZL69k59ZTaJS9kK73bMhbI0UqmFAVu4jO2g3AOdXMpwViaUxi7+OWUS9zVR68ckN4=
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8912505aecb082b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
icomoon.woff2
dewi368.mstenergy.xyz/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://dewi368.mstenergy.xyz/icomoon.woff2?h141kb
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Origin
https://dewi368.mstenergy.xyz
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B%2FLlT9wzIyb%2BGXXCtxlvpoWKA2qauhQKj%2FF%2BphNG%2FNFtOg1cK%2Bt%2FdLsavEUaAjHxrR5aBttxrQ0goOX6IqkyrT%2Fblv4QD6s3dgq3b5GEWkkapOcxGNoAMadanCPGnUIcTtjxkWBvT7k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8912505aaedd2bc1-FRA
alt-svc
h3=":443"; ma=86400
swiper.css
www.dewi188os.com/css/ugsports/ 		0
0
app-mobile.css
dewi368.mstenergy.xyz/ 		248 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dewi368.mstenergy.xyz/app-mobile.css?id=d7271366690886d588ae
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2538d3b57022bc05f3800160ff645dabe6819fb899ac94603a7214fee5fa6b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2024 23:57:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=opE5s6Pvsvxb398pqfZZyh67xTUq%2FJGFtHIa4nXWPK8xYiihpnBvIHeZA8uMZGm2ABbIMjB79ZNlgtpcvULE8djTwaDMTNwJ2tT%2F0obxAwJBu9GsFfVN%2FZBfrFCCsnBscgh5Vty7t%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8912505aaee22bc1-FRA
alt-svc
h3=":443"; ma=86400
custom.css
dewi368.mstenergy.xyz/ 		28 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dewi368.mstenergy.xyz/custom.css?id=d002093e299d92b41341
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ec963ec2ddda256157253e8ef9a8355423cfd49733c6a0192796c6d341e828

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2024 23:57:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ge%2FyeYHgqBBNuhXZRjheW3Z4tvUnKtj6ORC7wS1qMgKGV4v4NCTa3bJxC2vHGV9%2BOEe3HkHweBVE13COd6TJE2zmtPkRB5O23abxSoCczcpduZGZAQGoZdithyd%2BhDkkGszgJtg3FlM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8912505aaee72bc1-FRA
alt-svc
h3=":443"; ma=86400
sweet_alert2.min.js
cdn.sitestatic.net/assets/jquery/ 		66 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sitestatic.net/assets/jquery/sweet_alert2.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
ASQVFGDWGP0VQM8V
age
113731
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
NJoqYVnGSL9+xSbdYXzxILSXRqYExVJrV8t3xMLmuMpMzxOqe2fbdJSjv4kRdyMelxqK57qVFM8=
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"0c0de18caa00c8ea26099fb8cd50b05a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8912505aecb182b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
jquery-ui.min.js
cdn.sitestatic.net/assets/jquery/ 		248 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery-ui.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
Y5GEHSGVQEHJVVHY
age
113731
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
f6MQujIwS8KJm/cjl6q/z2N2fKiqKs5KClU0uDxEzVm5HSivWMH7RpSeKb59erAt6UK+J3Rotl4=
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"c15b1008dec3c8967ea657a7bb4baaec"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8912505aecb382b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
jquery.ui.touch-punch.min.js
cdn.sitestatic.net/assets/jquery/ 		1 KB
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery.ui.touch-punch.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
2YT1CRBG6B0XNZ2M
age
113731
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
U+LNnIDuRkoHOflqe4v/1vtO7Urty+bJ9WaWVEgj6q+Q4sMT48pqKnZzYXHzAGR7H9iBuJr8t70=
last-modified
Sat, 29 Jul 2023 05:07:12 GMT
server
cloudflare
etag
W/"700b877cd3ade98ce6cd4be349d81a5c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8912505b4d3782b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
65257984a64b2_output-onlinegiftools.gif
files.sitestatic.net/ImageFile/ 		2 MB
2 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/ImageFile/65257984a64b2_output-onlinegiftools.gif
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4033ddb5c07522e6dec870574082458dabd076c334a5b1446d54e2da542e45dd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
kNBor1p6BRA9YbxsOG4OaCfRiAaMw.dz
cf-cache-status
MISS
x-amz-request-id
0XTD6267VPYETF3J
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
1906333
x-amz-id-2
nDGGwnVxGOlMVdvk4Hp2q/YMwVpkHp89jtRoYGnNg65Yv5fixN5/CwWdYiZH17B1O5yi9arbYSA=
last-modified
Tue, 10 Oct 2023 16:19:18 GMT
server
cloudflare
etag
"97b14322a17884cafbf60581291c49a7"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505b5d5f82b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
64f9a3d900f37_64f583d516c92_RTP%20Slot%20Revisi.webp
files.sitestatic.net/ImageFile/ 		43 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/ImageFile/64f9a3d900f37_64f583d516c92_RTP%20Slot%20Revisi.webp
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0e10c58f30442fe280c8d102bfe08883fdcc2c4008a0032e68d2165816075cc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
c7yB6jomgfwrzPWi2ku6SflhYvwvrn3X
cf-cache-status
MISS
x-amz-request-id
0XT2QREMZJ0TR592
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
43744
x-amz-id-2
jIrOlVcTZC43IF11e9iNGMCXLy1ZFob4i4nlXSce6838dFNAVT+47zecfkQtetCH6jgtsRLfOcE=
last-modified
Thu, 07 Sep 2023 10:20:10 GMT
server
cloudflare
etag
"e7c7df2e4dd90db7f0934990c80c2297"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505b8d9082b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
DEWI368.png
dewi368.mstenergy.xyz/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dewi368.mstenergy.xyz/DEWI368.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c754bb76abe4e581edaf719bc873d364e4e6031644fda40ad605eb3da37e7328

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2024 23:57:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=neneMrdpy%2BzUQkWCRK4BGcYzpq0B7u%2BxS0MafXrLSwxlAa4wXSgH6NaotsG3PJgzYgIPcajw9VoJk8lzQrzEC6fzReRgz4VJ1MOswaNKuYBWJOHAgGG0E9hsGj9ew6rExzatEeIMQcI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8912505aaeea2bc1-FRA
alt-svc
h3=":443"; ma=86400
content-length
40351
0_W_slider-5.jpg
dewi368.mstenergy.xyz/ 		304 KB
304 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dewi368.mstenergy.xyz/0_W_slider-5.jpg
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed30c846d58a68884e549ea69a8826034ab1d034874f4211454b9e34fed6ef7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2024 23:57:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Olb2%2BUMAjJwzD9h5YnZoy%2BJXNdkpmR9yYO%2B5C43trNNxMtRaHieG3ADT48HQN4oSLOfzE%2BlguPn7hnj0XlsaxB4LB9uPTe9iyWZNvr6NQbf5nqsflcQsLzWfV%2BFwEGyGKYZ87M%2BLJ%2BU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8912505aaeeb2bc1-FRA
alt-svc
h3=":443"; ma=86400
content-length
311073
css2
fonts.googleapis.com/ 		1 KB
525 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Rubik+Mono+One&display=swap
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3936eeba9a43265b4a8231e235e20ccf1462bd79e86b918b9da41c9fac30cdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Jun 2024 15:56:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 15:56:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Jun 2024 15:56:49 GMT
202401221335290000000e2d0f9467GGGAAAT__484x155.gif
files.sitestatic.net/progressive_img/ 		181 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/progressive_img/202401221335290000000e2d0f9467GGGAAAT__484x155.gif
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
74245c6e47902cbf49e7f703dfac18571e957f638ecd8c07b15c1a7bc6b484f9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
e_LBZbKXy_o.D4Sns1FYRt_1avXN6jYY
cf-cache-status
MISS
x-amz-request-id
0XT1QWVK60FHR4K3
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
185504
x-amz-id-2
MYYZ3uQREzzlryxr2juQ7l2xmNp9+o7oaNDh5Icik1unMp/gmBmaGxZxsPOh4/KK3s1x2xFrhho=
last-modified
Mon, 22 Jan 2024 05:35:30 GMT
server
cloudflare
etag
"4e79d82f2be598b87a076009aba01ee6"
vary
Accept-Encoding
content-type
image/gif
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505b8d9282b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/UWeWqPV.gif
  • https://i.imgur.com/removed.png
503 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.imgur.com/removed.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Server
199.232.192.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
fi-FI,fi;q=0.9;q=0.9
Referer
https://dewi368.mstenergy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-content-type-options
nosniff
age
5478808
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230024-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1717948610.820639,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 249491

Redirect headers

x-cache-hits
0, 0
date
Sun, 09 Jun 2024 15:56:49 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
99
x-timer
S1717948610.842724,VS0,VE1
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kjyo7100050-IAD, cache-fra-eddf8230024-FRA
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtzpbCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtzpbCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3689e0482573b519c0e70686b17303b5439d7f931ef6b226f799f075aab39e00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dewi368.mstenergy.xyz
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:17:54 GMT
x-content-type-options
nosniff
age
437935
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21904
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:17:54 GMT
fbevents.js
connect.facebook.net/en_US/ 		219 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 09 Jun 2024 15:56:49 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=12, mss=1368, tbw=2809, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
Ci1uM4RMT0Aw7KJYXLy77YrZXZDIGK6FqWdkB1hOgeFYCy8aHGMiFT0/dOnzsZaboBAji31N71wnIBxdnFP6Ew==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=567155347929432085&lib=kwaiq
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.64 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
185.204.1.183
Date
Mon, 27 May 2024 02:56:14 GMT
Content-Encoding
gzip
x-oss-request-id
6653F64E970E1130322584D6
X-Cache-Lookup
Cache Hit
Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign
NULL
Connection
keep-alive
Content-Length
3744
X-Ks-Request-ID
9169743925162466460
X-Ks-Cache
Hit from 43.152.26.64
x-oss-object-type
Normal
Last-Modified
Mon, 27 May 2024 02:52:15 GMT
Server
Lego Server
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
9169743925162466460
Accept-Ranges
bytes
x-oss-hash-crc64ecma
13562747518461854989
x-oss-server-time
2
Expires
Wed, 26 Jun 2024 02:56:14 GMT
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=579857628894334997&lib=kwaiq
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.64 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
185.204.1.183
Date
Mon, 27 May 2024 02:56:14 GMT
Content-Encoding
gzip
x-oss-request-id
6653F64E970E1130322584D6
X-Cache-Lookup
Cache Hit
Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign
NULL
Connection
keep-alive
Content-Length
3744
X-Ks-Request-ID
16584995521485573004
X-Ks-Cache
Hit from 43.152.26.64
x-oss-object-type
Normal
Last-Modified
Mon, 27 May 2024 02:52:15 GMT
Server
Lego Server
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
16584995521485573004
Accept-Ranges
bytes
x-oss-hash-crc64ecma
13562747518461854989
x-oss-server-time
2
Expires
Wed, 26 Jun 2024 02:56:14 GMT
merchant_active
qris.otomatis.vip/api/ 		68 B
589 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://qris.otomatis.vip/api/merchant_active
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cfc71a003148530cab6faceebfeeff722dd0c8805476b44a71eb74004a811bd1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application.json
Referer
https://dewi368.mstenergy.xyz/
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:51 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"44-VQIPgLtuHZgtwdJsCodMGA3LTI8"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x7NDyKHXXBfkE1HgcT2%2FECv9JzzRJaALYl3TicKAiRfXY8SMYplhEN32X1kpgUL1Znjf32ghac0lnmdWbHrDDXEP9KME2Z%2BIXw9SloB4QmeEfU3Kk9%2BrFnr4itmsxAt4%2BpkN"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-allow-credentials
true
cf-ray
89125062ff9d71cd-FRA
alt-svc
h3=":443"; ma=86400
merchant_active
qris.otomatis.vip/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://qris.otomatis.vip/api/merchant_active
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dewi368.mstenergy.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://dewi368.mstenergy.xyz
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8912505c0d5471cd-FRA
date
Sun, 09 Jun 2024 15:56:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hmRGnTfnqaFCA0TraUPYFRqcOylMXWeUM23INIxdMAtPZl2b8hnD8OQ2revA6l8O2kS%2FdtG%2FbMHxprz5Uo%2BUo9ATfSwLDoquOqA%2FA%2B2y7XFj3SvgeR7SG9y0gVnXkZ%2BA2qsg"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
Maneki_Neko.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 		19 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Maneki_Neko.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
70780a7c65b77d6d22afe34711fd6571bdaff21596575801b9459f4f2db9855c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-amz-version-id
eZ.TWEy8Ec2ecekPKEkKj_TeO3SBPC1X
cf-cache-status
HIT
x-amz-request-id
G3H9CZ3GVFKNA8E1
age
307742
cf-polished
origFmt=png, origSize=22441
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Maneki_Neko.webp"
alt-svc
h3=":443"; ma=86400
content-length
19904
x-amz-id-2
UVrsE7BwTgcY2gZc89iZKSDUi2YS0Gr+FAQmRUlBkztQTvl6ifhsTOhV3F+jjpzGh8KeefQdRDKU4HPKWTuOJw==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 12 Apr 2024 10:53:08 GMT
server
cloudflare
etag
"650487dbd3efbb6cd1a3da6c1727cee2"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505b9dae82b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
Mahjong_Ways_Two.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Mahjong_Ways_Two.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96a5e5a540a4dfbcd282bfbb91f69ddd72f7209719b7c11d0af648a5102d79da

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-amz-version-id
x3JiK5B5fnGWCbLzlBqUhHUvBezzEkNG
cf-cache-status
HIT
x-amz-request-id
84KSYGM2BQE1WJZ0
age
224027
cf-polished
origSize=22530, status=webp_bigger
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
21781
x-amz-id-2
hnCBYdSRPYXX3Rx62w8Si3tSb8WEn9lMR06+n9lrx4W8fBSgqS1T9QxDi+d8WhViXh+g/Lpo6Mc=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:46 GMT
server
cloudflare
etag
"bc01167bfc2cc3da649f2676848db923"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505b9db482b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
Gates_Of_Olympus.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Gates_Of_Olympus.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c783ae9a7961fcafdda9d2c0ea62c73fadc4811f06a4ffc08f7e654bb83cf472

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-amz-version-id
S4GR9uNWr.zKiF_6y5R8PTHxR5Zee5w9
cf-cache-status
HIT
x-amz-request-id
G87JCJ2GYRSA1MA9
age
113731
cf-polished
origFmt=png, origSize=21732
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Gates_Of_Olympus.webp"
alt-svc
h3=":443"; ma=86400
content-length
20610
x-amz-id-2
v6XghGs/BoZ2dIyLN78aLQA7uTYgHjhXUBv2nLKea+gV+zYgNj6ayzTiyS4RO0I9ytFNywb2rdvVvpOk6w3k/Q==
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:41 GMT
server
cloudflare
etag
"2ca81042859e7e09bec1de01b6f2a352"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505bfe2982b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
Starlight_Princess.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Starlight_Princess.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06b3b723285deec88d88deb08bf651d1a66959b60959785fe07d4e2888de9998

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-amz-version-id
biiVY1BNQEW0ox8XUT4b3LEGy45XJ370
cf-cache-status
HIT
x-amz-request-id
CD153QFD5NQPQPW4
age
113731
cf-polished
origFmt=png, origSize=19891
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Starlight_Princess.webp"
alt-svc
h3=":443"; ma=86400
content-length
18698
x-amz-id-2
XTPJtNaWiW+qRTmJ1EcW2b++Gect/t0Br9NQecvGBMvuer3TzaJNR1gtbSHMu36QB4ZPfYuD3vA=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:49 GMT
server
cloudflare
etag
"c0ebcad0fb5984762cc644bb6c4d1f07"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505c2e9982b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
Mahjong_Ways.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Mahjong_Ways.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f73ac99c08fabbedde5cae860087d7d16d9e6ab85863f83b6dd89e2a934012af

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-amz-version-id
In6gxRZ8b6PnTDNXDu.JBO90nm15oeCZ
cf-cache-status
HIT
x-amz-request-id
JG8ZSTR49V8AKJ5C
age
357106
cf-polished
origFmt=png, origSize=20153
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Mahjong_Ways.webp"
alt-svc
h3=":443"; ma=86400
content-length
19252
x-amz-id-2
zvgdfvVgeg7U2CbJ4nDLRpCDv8BhsJ0F4lWV6puC3YGex2yWwRQs9saEgbYBfN7ckSdLfvllqUU=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:45 GMT
server
cloudflare
etag
"b971c6792f68d486371df509ad3c0661"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505c2e9e82b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
Sweet_Bonanza.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Sweet_Bonanza.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb2b812df04aa12e2f598c4847c516b077a0249ff62e84951c94fd9b22f31b1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-amz-version-id
0YrO38l4D.o9DfeiC.D7BmkxiULY_Aw5
cf-cache-status
HIT
x-amz-request-id
JG8GMMY0Q5CKJGBP
age
357106
cf-polished
origFmt=png, origSize=17058
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Sweet_Bonanza.webp"
alt-svc
h3=":443"; ma=86400
content-length
16686
x-amz-id-2
kSzIzoR6lKMSCvc+9lzYM7T4NMLOsboBspagQ9gad8qcJ2rvzDDorMgiTMJQX9gFa7BEpZJ3XL4=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:52 GMT
server
cloudflare
etag
"6cc91fa9659038c1b7d61d9e8794bb80"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505c2ea482b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
Gates_Of_Olympus_1000.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Gates_Of_Olympus_1000.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
26936934bd1611d66d3c77d318d16af4e067d6b45ed70f9d914c2870949df658

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-amz-version-id
rP_jiNr3X7lkNOVoyNTwov0IZw2fozDU
cf-cache-status
HIT
x-amz-request-id
2T1HFYZ2P7DA2PDP
age
410106
cf-polished
origFmt=png, origSize=74738
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Gates_Of_Olympus_1000.webp"
alt-svc
h3=":443"; ma=86400
content-length
60708
x-amz-id-2
ginSLZ86tUl4AJyJsKRjM8Des/FnIWhsG78Tgku4uXrECBdsD4d6oWM6MlduverE5oNT2SEgOHPbrwfgH7fp1Q==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 12 Jan 2024 12:52:59 GMT
server
cloudflare
etag
"62ef81bab5264926d8f2068140cd80e4"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505c2eac82b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
Lucky_Neko.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Lucky_Neko.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e458b6398b0f729b96a4c6134d5d11857f65832b5f66acabe27e7a9ff2d5e10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-amz-version-id
pv76Enwz6LhszHxkVHUvGUms0dWzDTms
cf-cache-status
HIT
x-amz-request-id
8BKVVXN5QRDGNTPP
age
80844
cf-polished
origFmt=png, origSize=19347
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Lucky_Neko.webp"
alt-svc
h3=":443"; ma=86400
content-length
18078
x-amz-id-2
TKE99FWmyQQi8B9rML3WZnxs67ZaAm7DuMMe1x1CSxx+p8SQRygGr7LLspcvpcg3NLNrfq0+aGM=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:43 GMT
server
cloudflare
etag
"026aede0e800879a5cd791409692b598"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505c2ead82b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
Neko_Riches.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Neko_Riches.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a2f63033d659ab070c5fe3391e27c2e59ee90024dd48451f72ff4ff63ecbd9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-amz-version-id
G0.VTw5pykVmnpYd56sVm3_eZFvYRSpx
cf-cache-status
HIT
x-amz-request-id
JG8QJ8GJ0941HP26
age
357106
cf-polished
origFmt=png, origSize=17957
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Neko_Riches.webp"
alt-svc
h3=":443"; ma=86400
content-length
17126
x-amz-id-2
MCXcxIfYth6f2vm7SEqawl0hlG2xTwug5H25ZGE5aIVT95ICskeB2T0P1TE7QS2v6WxE4w9vtU0=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:48 GMT
server
cloudflare
etag
"f764de80b2bfc14a2448a6b132d1ba7d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505c2eb082b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
Wild_Bandito.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Wild_Bandito.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c58c101cc884efde178a3043489874d9f58bce38e1b6a6795ef8065abbf48f6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-amz-version-id
bmBHQZ8z_J8SYtVcGWBxtmi9_xkPg73Q
cf-cache-status
HIT
x-amz-request-id
2QAZMQ7XYHGRK4BH
age
202005
cf-polished
origFmt=png, origSize=19636
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Wild_Bandito.webp"
alt-svc
h3=":443"; ma=86400
content-length
18740
x-amz-id-2
r7cE1fr5fch+mMg+WrT4F/ZgJXp/9KhstUQE+pmdxQfzLMZGIntcbj8APsoEY5MKMv6vJG3kA/s=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:57 GMT
server
cloudflare
etag
"911838672d75d53326341e56fb1ad30d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505c2eb582b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
Starlight_Princess_1000.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Starlight_Princess_1000.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ecb52b412444d5649e7cb8e2dbceb134216bae4a3126f90e87e2a39223c48e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:49 GMT
x-amz-version-id
EBH7_w39F0Bzgds7kbimj7W80jT3Swhx
cf-cache-status
HIT
x-amz-request-id
6BK0BRD1FN5S1PHN
age
576465
cf-polished
origFmt=png, origSize=21375
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Starlight_Princess_1000.webp"
alt-svc
h3=":443"; ma=86400
content-length
20054
x-amz-id-2
gL5g7SgVkV6Bi1fmLoETQ3ThIzDuOT9UB4pWqnqFSFAs8nd4uVeKbG30VmXKa+/i5W0AL/WFCz8=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:51 GMT
server
cloudflare
etag
"21e420b9e0210a1662aed8aabb769d60"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505c2eb982b2-ARN
expires
Mon, 09 Jun 2025 15:56:49 GMT
style.min.css
www.dewi188os.com/fonts/ugsubskin/icomoon/ 		0
0
326221803187753
connect.facebook.net/signals/config/ 		68 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/326221803187753?v=2.9.157&r=stable&domain=dewi368.mstenergy.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9b93dcca4e1e75abd81f9aa0a92c61be17207bb1c3e0e47d7c1d7ac538fc4c98
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 09 Jun 2024 15:56:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=62, rtx=0, c=63, mss=1368, tbw=63516, tp=-1, tpl=-1, uplat=124, ullat=0
pragma
public
x-fb-debug
Gd0gZS4PeSVdfVypbtpW8NbYLW1G3f52cPndHvtsvRMwPPlZ6uHPoxQeDioS4iR0OBXjuNioDQwhbSsgLTdyFQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
4DShanghai_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/4DShanghai_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4258325d0e652bee5432a0d18b3b1d596659b03f5a86f0636565e78ad16f0a3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T050800Z
date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
cRlmi4s8wMCueUkoYWKeggdETM4usH5h
cf-cache-status
HIT
x-amz-request-id
CKYQSA41Y3EHA3VQ
age
602276
cf-polished
origFmt=png, origSize=20831
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
7b537a9e0dc92ecbe35d74c61565c865fd3f8eb4158a7c1a5ae63431a6324410
content-disposition
inline; filename="4DShanghai_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
13496
x-amz-id-2
MwG1Tx1YeF00ms3mbahi0l8yAuixL9K/YMgZ5nm6jKcDgRl5w70VnzM16Ve8ihQHGCqykdPfvjg=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:18 GMT
server
cloudflare
etag
"246e01762054b8d6f9739adb05545018"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d889082b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
toto_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/toto_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f018b8a0bda4f9ecf744ff4816799ca811d7fb0bb4e391f16612b6ad641c4d5f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T050149Z
date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
P753lleux34qcZIwp2K4VVYHiHlnT.Er
cf-cache-status
HIT
x-amz-request-id
WTQR2T8JMMEB4JKM
age
298471
cf-polished
origFmt=png, origSize=17733
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
2db954930c796037a605d34adffd198beec535c530303cebc79d9bdedf5f1df8
content-disposition
inline; filename="toto_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
12116
x-amz-id-2
1eEPIsSzXmoYr2JuVEhsgvB33hSUKK7G40n2xRkZ7vbtgN5+aFABj7cRVsHiPjt4aDoYvFANhB4=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:19 GMT
server
cloudflare
etag
"35aded89a44dc59b8d67c1dc2cd6c126"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d889282b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
pool_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/pool_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c6e52bde4cc463f31ed65f80f376b8c58a223f75b4bc3338d9d3b54d3431a4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T050455Z
date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
55QMxsusrtDd9NXqFXdHZPJ1UDEV7Wfq
cf-cache-status
HIT
x-amz-request-id
AHGW0V8NEED92BA2
age
260126
cf-polished
origFmt=png, origSize=22113
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
a3918ee135aa18682d95357bcbf2ba1c10fdc135ee3abf372ce12e5cd70c4069
content-disposition
inline; filename="pool_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
14640
x-amz-id-2
JMXo5DvJphbRw3dR1OPbh4slcvsp0W7Zyne1oZyWCJzNFzvGBjGS79OzgScERANko1zb/B49Of4=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:19 GMT
server
cloudflare
etag
"031331cbf5f8550904b9ba00229c715b"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d889482b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
king4D_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/king4D_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3043faabfc9ef8064fceef7f739ce3346b98579cabcf518a9197f7d124292fc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T051448Z
date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
HIs3pdprzJuXRnkeHlPIZSluw.r8t2rO
cf-cache-status
HIT
x-amz-request-id
CKYHGGM7HY4F33B3
age
602276
cf-polished
origFmt=png, origSize=18340
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
37bfe8eb57cd9c5dc556cdb3662198849f7c638b6223fa7ec660e6375b767333
content-disposition
inline; filename="king4D_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
11598
x-amz-id-2
yZ6nXI255RfVytq+EQUdRj5L/9uI7PZyHot9q9TG093wwJqkmPO/lIU3cqQzBIjwUcJJUcTkxgk=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:18 GMT
server
cloudflare
etag
"1f0b84960a0b799d0c9e88ba4c472d7f"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d889982b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
HKGrand_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/HKGrand_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f80cdbf4cc504bcc47aa3fa33c4729dbe72e4df21e5610e4b3a15cfdb19d988

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T050936Z
date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
7wXd10smtwOxpDe9nqlnMnJOEyiOdjuX
cf-cache-status
HIT
x-amz-request-id
JG8GG5HC012K13B1
age
356918
cf-polished
origFmt=png, origSize=21303
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
71f72f2b2e6d7ea0ed575c6497efdd103f37f814eecc634fefb6af781cda273e
content-disposition
inline; filename="HKGrand_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
13584
x-amz-id-2
T8Gf8E93113sJtilsAltlCqUvHHELXN8zfVZLXqG12ZhpvV24nxf5tGfqJ9mld3/2IOiBp7ZY+s=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:18 GMT
server
cloudflare
etag
"f3a6b7700940af0420845d154f36fa1e"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d889b82b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
amazon_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/amazon_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ddb9b51c5a2d9a773bdf1f50364aa809b41a3d0fa947fc485e2480647ad59c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T051244Z
date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
6VlmMuxQEQdG.vgAZco8lMzK_ragurOE
cf-cache-status
HIT
x-amz-request-id
4CZ796772WEHSC2F
age
224028
cf-polished
origFmt=png, origSize=22771
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
86c21bf694873e0a95347027bbf7327bb122e14542500ed93759cd19f67093d5
content-disposition
inline; filename="amazon_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
14596
x-amz-id-2
b1GhrJ0C+fueXecuLPTXkimNjTnmFnaPOVe9aeKYp9FhyYWA6SIagrft0QmaOw0NK9UmISw6pLc=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:18 GMT
server
cloudflare
etag
"ed48fd95fe064232d6273d069139d854"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d889c82b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
user.png
files.sitestatic.net/assets/imgs/gigagaming/ 		886 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/gigagaming/user.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fbf85a9cb3dd8d9b9cee3a1014e3caf54e5c48db130732840ba7733af1a01ec

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20220715T092448Z
date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
BwLSKBdxhm3alFCnHjnbK_.lWXakwovR
cf-cache-status
HIT
x-amz-request-id
E1TPCMVQAAJ6S5Q9
age
260125
cf-polished
origFmt=png, origSize=1402
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
82e9ec0c6df65415904210f107561a4ff1df6bf3233739d4fce8275bdc902198
content-disposition
inline; filename="user.webp"
alt-svc
h3=":443"; ma=86400
content-length
886
x-amz-id-2
A15oYeil3ubMHL4UMmP86j2n1sg6oL/H6FTBMqDT56ISrFHDErdPRoilSfnaxpDS2yS5sLmUFRTQ7n2xJ4zvPQ==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 15 Jul 2022 09:31:11 GMT
server
cloudflare
etag
"2e5275e8574c38ec016d594a9d719118"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d889d82b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
cash.png
files.sitestatic.net/assets/imgs/gigagaming/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/gigagaming/cash.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
891b06c855b5a66c0fcb5007d609e4c3a81f0cee98ffad8835ab8e98521b95c5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20220715T092704Z
date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
87yPaoADlDjPrBkkch0QViK2kXzJ4itT
cf-cache-status
HIT
x-amz-request-id
2QAGVA0PEVWVNMD1
age
194271
cf-polished
origFmt=png, origSize=2268
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
ae2181f834c42eb2382906275ae1192f39f57ea4f94bd318e916ffcf4f6571ba
content-disposition
inline; filename="cash.webp"
alt-svc
h3=":443"; ma=86400
content-length
1304
x-amz-id-2
KSE3XJFjOC/ITupFN5XRtHqRlpPo3kZCqtF/LW/JlRdSYqgJIfdNjW6KEfopS7z1XYLlRHj2NtM=
cf-bgj
imgq:85,h2pri
last-modified
Fri, 15 Jul 2022 09:31:11 GMT
server
cloudflare
etag
"774f301c1313f3fd760fc75d4a921ee6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d88a082b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
online.png
files.sitestatic.net/assets/imgs/gigagaming/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/gigagaming/online.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc9c3093d1d005ecb2f9bb322d8defba8bec58f505708e4d508335fa1fd87ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20220715T092624Z
date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
MW8EsZ__bFok98kkyCTjnHrto1TFEWEY
cf-cache-status
HIT
x-amz-request-id
FKGPRY5A4BAB3TVA
age
60257
cf-polished
origFmt=png, origSize=1943
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
4601c973464ccad30f025ba2eb8f524c55917ec84eb93bbd6aa6768a65e88428
content-disposition
inline; filename="online.webp"
alt-svc
h3=":443"; ma=86400
content-length
1244
x-amz-id-2
zSsgTL0oK1g1gbA8uPvkgSVVHORwbPLwZpV6s0WHOp96uOnjRGvvheq+Zer1yAuBTB8LXZuJsj22nB0CNDkKCQ==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 15 Jul 2022 09:31:11 GMT
server
cloudflare
etag
"0058dcbac59d5e17685880e45d2e57a8"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d88a382b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
bank_col.jpg
files.sitestatic.net/sprites/bank_logos/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/sprites/bank_logos/bank_col.jpg?v=3
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9a42baeabb75eb4eeb81d111196c4d5b129288f195c9ea8ab17b7344a29152

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
mf8_Ntbd6wMRnXvDqml_sFaja__VLggA
cf-cache-status
HIT
x-amz-request-id
GW0F3N2DG6PCNF8R
age
119345
cf-polished
status=not_needed
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
1726
x-amz-id-2
fZ4Yx99rZII1k7OWZ+OHVGQEIY1i9ZtDQqpSRXQD5hnK5kncGu0S7q9dDuajcM3jc1gDo8Ha8Hp1R5qRde2tUg==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Dec 2023 04:25:54 GMT
server
cloudflare
etag
"af9df6537ae2ed0ce71c27996899b8d4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d88a482b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
ewallet_col.jpg
files.sitestatic.net/sprites/bank_logos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/sprites/bank_logos/ewallet_col.jpg?v=3
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1bc6ddf81b9212855c94157645c93be27c8380737f4ee22502220e2f57822d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
YbJ8yC.ozANJQ2DTvJ_FOng9bCXoTnCd
cf-cache-status
HIT
x-amz-request-id
RG3GZHABC88FZ9JS
age
217440
cf-polished
qual=85, origFmt=jpeg, origSize=1410
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="ewallet_col.webp"
alt-svc
h3=":443"; ma=86400
content-length
1230
x-amz-id-2
hUoRR7O2H6pf0fSNZI2XUpQrNcK2nO/AAjhFj86zXRJoU2yUuzAtX2voPIK5Otl8cSKxooVuEY6b2CbRIZ6x8g==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Dec 2023 04:25:55 GMT
server
cloudflare
etag
"a8fff466cb41638b9ec8809d201661da"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d88a582b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
pulsa_col.jpg
files.sitestatic.net/sprites/bank_logos/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/sprites/bank_logos/pulsa_col.jpg?v=3
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
230d6bc167e2bd82773b97c8a50ff08481d6006f1c4ecc547403cd5ae2e9b969

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
x-amz-version-id
xhl01QGXRGhxbTKEa24j63rnPkNYvNt4
cf-cache-status
HIT
x-amz-request-id
P1B1P6CQAF1F3KGJ
age
217441
cf-polished
qual=85, origFmt=jpeg, origSize=1239
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="pulsa_col.webp"
alt-svc
h3=":443"; ma=86400
content-length
1094
x-amz-id-2
8IvjbQoq48gSO55ymVXkidOlsB+eGRi/BKV3rJzq4jsRB0On0ou6hyt0NXn0xiyUqMM0ox7txZ0=
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Dec 2023 04:25:54 GMT
server
cloudflare
etag
"de6e906389c16211ca3beeba325e530d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8912505d88a882b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
log_html5.png
www.dewi188os.com/assets/images/ 		0
0
btn_playnow.png
www.dewi188os.com/assets/images/ 		0
0
jquery.validate.min.js
cdn.sitestatic.net/assets/jquery-validation/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sitestatic.net/assets/jquery-validation/jquery.validate.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
XM5M6A7P8AST8W3G
age
115406
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UrOW7Shr4znNqtDH7Hnud9Qn4Aj3ONufAyRQ7Xln11eT3l44ROhVqDXR5KhooWqyN1QobuKJTZw=
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"5861a036c2de6c2df26749fe41d57605"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8912505de8f182b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
additional-methods.min.js
cdn.sitestatic.net/assets/jquery-validation/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sitestatic.net/assets/jquery-validation/additional-methods.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
VCHM3Q1TS6NSV6AD
age
19071
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
SfGhHHH4lB2ll+dWP04Lna2hdrhA1+uCxG1KJ1xBaphmvhQXRt/1FJNMJ7X+g+K2hAwQl+OGO3Y=
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"48babc4e826404ef8b8ca5bad48fc133"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8912505de8f482b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
jquery.fancybox.min.css
cdn.sitestatic.net/assets/fancybox/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sitestatic.net/assets/fancybox/jquery.fancybox.min.css
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
Q098RMCVAP9NP93N
age
115405
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6f6EEqxI4PAD6jBLmiuf8hybRjOwhuYZhZHnXMh5kuJHVdAZY2lvW1qzxREf20nL3fjNCvS8CnI=
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"a2d42584292f64c5827e8b67b1b38726"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8912505de8f682b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
jquery.fancybox.min.js
cdn.sitestatic.net/assets/fancybox/ 		67 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.sitestatic.net/assets/fancybox/jquery.fancybox.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
XM5GHB2H1DFF2MJJ
age
121792
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
Ja+1dnrhgwHrmM8i16v/R8hzQOApyz3Ud31+ZC0tJCj9oAJnKs45q9afmTNyi6DFVzrJ0Q1n6/c=
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"49a6b4d019a934bcf83f0c397eba82d8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8912505de8f982b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
app-mobile.js
www.dewi188os.com/js/ugsports/ 		0
0
911758476995311
connect.facebook.net/signals/config/ 		24 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/911758476995311?v=2.9.157&r=stable&domain=dewi368.mstenergy.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C119%2C219%2C154%2C111%2C134%2C127%2C115
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra3.fbcdn.net
Software
/
Resource Hash
16f5b6b3f05832ec5c501b053858f0c44db2175e8af1b55d51d39d3df5752f4a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sun, 09 Jun 2024 15:56:50 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4331, tp=9, tpl=0, uplat=182, ullat=0
pragma
public
x-fb-debug
e0fmikD7bDBUxKizOh0pN0DM6lXhKpqTsE5wf7r14bsJZRRXcDojlznCsM2qVjfIZeJaXPP5PXAajF3kvkbMuw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
271 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=326221803187753&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717948610331&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717948610329.779444191465688638&cs_est=true&ler=other&cdl=API_unavailable&it=1717948610132&coo=false&rqm=GET
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=10, mss=1368, tbw=2791, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 09 Jun 2024 15:56:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=326221803187753&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717948610331&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717948610329.779444191465688638&cs_est=true&ler=other&cdl=API_unavailable&it=1717948610132&coo=false&rqm=FGET
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0715a00f99954051","source_keys":["1","2"]},{"key_piece":"0x922e6c8a0ffb8bd7","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 09 Jun 2024 15:56:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=62, rtx=0, c=10, mss=1368, tbw=3319, tp=-1, tpl=-1, uplat=178, ullat=0
pragma
no-cache
x-fb-debug
v0BhBfggqrqTb70C/3kFvjroK/LRDLJmH5xQqfwHG+8OMHzbMlPpD8GW0sFbsYJ/gaJil5OSrKivzo8XFbDN3A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=911758476995311&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717948610576&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717948610329.779444191465688638&cs_est=true&ler=other&cdl=API_unavailable&it=1717948610132&coo=false&rqm=GET
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=62, rtx=0, c=10, mss=1368, tbw=3176, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Sun, 09 Jun 2024 15:56:50 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
471 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=911758476995311&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717948610576&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717948610329.779444191465688638&cs_est=true&ler=other&cdl=API_unavailable&it=1717948610132&coo=false&rqm=FGET
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x038871a8d0258221","source_keys":["1","2"]},{"key_piece":"0xcafa1f4808356c42","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Sun, 09 Jun 2024 15:56:50 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=60, rtx=0, c=14, mss=1368, tbw=6989, tp=-1, tpl=-1, uplat=57, ullat=0
pragma
no-cache
x-fb-debug
vmY4aZeThCrqbqsyrejt5M11dVc+5d3pkXCb29+HJFalkgZMtD+opvHWZaBLfxNe4iVOvZGPL1CCCGEAWgxZ3A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
css2
fonts.googleapis.com/ 		5 KB
722 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;600&display=swap
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/app-mobile.css?id=d7271366690886d588ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d5d856ec5c1d566a929bd730f7425c1f67db9bf6cdce2f2108e5e8cab03313a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Sun, 09 Jun 2024 15:56:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sun, 09 Jun 2024 15:56:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 09 Jun 2024 15:56:50 GMT
jquery-ui.min.css
cdn.sitestatic.net/assets/jquery/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery-ui.min.css
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:50 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
N5EF9SY2EKNK59BH
age
21255
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
a3c8kUZ0wEHU4kOT/f0dk6G2byK0SRaoh1YaHWoO29QNrt/QjhSEdPE0EjmivqrzTtSaTcTQGdc=
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"0b5729a931d113be34b6fac13bcf5b29"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
891250627f8e82b2-ARN
expires
Mon, 09 Jun 2025 15:56:50 GMT
theme-title-bg-img-t8.png
files.sitestatic.net/assets/imgs/gigagaming/ 		272 KB
273 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/gigagaming/theme-title-bg-img-t8.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/custom.css?id=d002093e299d92b41341
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bb4df4ed3cebbdd1921962669a4db8fac15e82261a858d2a3a7759294950368

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
Mon, 09 Jun 2025 15:56:51 GMT
date
Sun, 09 Jun 2024 15:56:51 GMT
x-amz-version-id
x5VDhcnp3nP0s.M0oRztWplpSrXCwPMh
cf-cache-status
MISS
x-amz-request-id
16ZYX9FX9MR6XCN6
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
8bb4df4ed3cebbdd1921962669a4db8fac15e82261a858d2a3a7759294950368
alt-svc
h3=":443"; ma=86400
content-length
278698
x-amz-id-2
yODfEujmwbYS7ZC/DhWyuRiBRrUznrEQwV6Z4A8wh311EfL9dKScSdWXwA/e/9FKvh631SoGlJY=
last-modified
Tue, 05 Oct 2021 12:46:16 GMT
server
cloudflare
etag
"67dcb9bf24d0fb2cd64cc5430bc844f8"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89125062afb382b2-ARN
x-amz-meta-s3b-last-modified
20211005T124514Z
title-bg-img.png
files.sitestatic.net/assets/imgs/gigagaming/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/assets/imgs/gigagaming/title-bg-img.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/custom.css?id=d002093e299d92b41341
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5c630a2450f07fc3ec8347b7d48fa5e8022b5fd8a04c2d491ae9390403c2b6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210923T100609Z
date
Sun, 09 Jun 2024 15:56:51 GMT
x-amz-version-id
hQvZUrgpQh7YwY.9.NGIS5BTz3wjU90g
cf-cache-status
REVALIDATED
x-amz-request-id
2EJ2QMW7YR1ERCK0
cf-polished
origFmt=png, origSize=92329
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
217e7ec18e1c0a250d90170d1badf8f15ca1186693a1389cdf8264f6fdf805eb
content-disposition
inline; filename="title-bg-img.webp"
alt-svc
h3=":443"; ma=86400
content-length
52000
x-amz-id-2
blwcJd4jfCeGH70VFdkhTX1eg4bWhA050P6NgFF7sqenqWRNeDdx9gi5ty94pi4N26Z78sc3uto=
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Sep 2021 12:02:30 GMT
server
cloudflare
etag
"51e5cca82f51963c4c848bec65001cdc"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89125062afba82b2-ARN
expires
Mon, 09 Jun 2025 15:56:51 GMT
flags-sm.png
files.sitestatic.net/sprites/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/sprites/flags-sm.png?v=8.1
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/app-mobile.css?id=d7271366690886d588ae
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fd75df23a36dc508478535ee809456a101fe36802252d6ebfb586dfaaf4c2d1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20230215T020107Z
date
Sun, 09 Jun 2024 15:56:51 GMT
x-amz-version-id
hLUm81uQN3iSTcpk4UFxAE3C0h95JMA8
cf-cache-status
HIT
x-amz-request-id
QMWWSHYVGY0ZPZK5
age
305727
cf-polished
origFmt=png, origSize=21986
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
bcad67cbdce6856e5b7d009d7a6d5a29a468fd459661b7cfda87cee20d0de26a
content-disposition
inline; filename="flags-sm.webp"
alt-svc
h3=":443"; ma=86400
content-length
12586
x-amz-id-2
KU0hk088yFmHg4ChlrD+VfUyTzUSFpVvNfjnpVRlQbaxclxH2kz7R/wfO0wwMdrmjTO6jkC+Pdo=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Feb 2023 02:23:05 GMT
server
cloudflare
etag
"f65867ed882901895a6527c452994998"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89125062afc982b2-ARN
expires
Mon, 09 Jun 2025 15:56:51 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dewi368.mstenergy.xyz
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:36:19 GMT
x-content-type-options
nosniff
age
224432
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 01:36:19 GMT
UqyJK8kPP3hjw6ANTdfRk9YSN983TKU.woff2
fonts.gstatic.com/s/rubikmonoone/v18/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/rubikmonoone/v18/UqyJK8kPP3hjw6ANTdfRk9YSN983TKU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik+Mono+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1e770d64eb3fdf5bbbb8a366df90607632d68f266edc21af9230fe5181c1813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dewi368.mstenergy.xyz
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:07:57 GMT
x-content-type-options
nosniff
age
438534
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12844
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:52:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:07:57 GMT
getPokerJackpotAmt
www.dewi188os.com/ 		0
0
20240408222923000000d86f259affGGGAAAT__647x1280.jpg
files.sitestatic.net/promotion_banners/ 		263 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://files.sitestatic.net/promotion_banners/20240408222923000000d86f259affGGGAAAT__647x1280.jpg
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0767c957a94e2cb366b1b32f568ed081335eace692e7007f8c3e42d050e2490e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:51 GMT
x-amz-version-id
SsLAQosIVwPpnCGGtHLI8LIDdy45mUEl
cf-cache-status
MISS
x-amz-request-id
16ZHYTNTM6WBMY0Y
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
268811
x-amz-id-2
7Omq+I4AnYskma4/i+gnOBwpTMviJwzEO2KfIoDX4CvpfwNyKbhPMH0rYT4Z9GBFdaFhnzbeqGqkr5VXcm70JQ==
last-modified
Mon, 08 Apr 2024 14:29:24 GMT
server
cloudflare
etag
"1ccde547540f3df0811976ed130cc170"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89125063386682b2-ARN
expires
Mon, 09 Jun 2025 15:56:51 GMT
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dewi368.mstenergy.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Sun, 09 Jun 2024 15:56:51 GMT
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ 		269 B
257 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=579857628894334997&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
195.138.255.18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash
711da86b15e25cd5c91066ce1fb19d2acad6dc8f57f6514a73d27e61235b4f3c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 09 Jun 2024 15:56:52 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
238
quic-version
0x00000001
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ 		264 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
1fc4f4c5f6602edb29f7c65d50da1ce9a904922617604505d34464cd227eb5c6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 09 Jun 2024 15:56:51 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
236
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dewi368.mstenergy.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 09 Jun 2024 15:56:51 GMT
62b678fe711a9_imgpsh_fullsize_anim%20(2).png
files.sitestatic.net/ImageFile/ 		90 KB
90 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://files.sitestatic.net/ImageFile/62b678fe711a9_imgpsh_fullsize_anim%20(2).png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
217cd321d853553f2f72108dccb184d85dcf4816f79e4a203141574a0af9ac3a

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:51 GMT
x-amz-version-id
RYmX9QGpGBbcMMl5EEqN_ALZtCak_hl.
cf-cache-status
MISS
x-amz-request-id
16ZKPPXMA1WBAW97
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
92119
x-amz-id-2
T+MZdiaXLosCtK6rSU8oTJs6rja2kU4FtcKKxbGd37UvLMvUU0YenMlDX6vALTXFW3QYeR0mnzM=
last-modified
Sat, 25 Jun 2022 02:54:55 GMT
server
cloudflare
etag
"0b5e3632e59bde67cc678dbd86180678"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89125065bc4182b2-ARN
expires
Mon, 09 Jun 2025 15:56:51 GMT
core.f43cddf82746bfc4.js
s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/ 		291 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=567155347929432085&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=567155347929432085&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.64 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
390fdde3f04bc3c88a1f65f9c43bf9b0d9dc7162de456d9500e6928dec00f209

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
185.204.1.183
Date
Wed, 05 Jun 2024 03:04:59 GMT
Content-Encoding
gzip
x-oss-request-id
665FD5DBBE751D39302BB9C1
X-Cache-Lookup
Cache Hit
Content-MD5
F1Ia+PQ83fgnRr/EkujTvQ==
kwaisign
NULL
Connection
keep-alive
Content-Length
78226
X-Ks-Request-ID
913245295440530233
X-Ks-Cache
Hit from 43.152.26.64
x-oss-object-type
Normal
Last-Modified
Tue, 04 Jun 2024 07:54:56 GMT
Server
Lego Server
Etag
"17521AF8F43CDDF82746BFC492E8D3BD"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
913245295440530233
Accept-Ranges
bytes
x-oss-hash-crc64ecma
18225565236884805087
x-oss-server-time
7
Expires
Fri, 05 Jul 2024 03:04:59 GMT
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 		72 B
288 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.138.255.24 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash
16dc11f7d35d4dc77b9a298759fc3b629a733205026ea7fe59530534209a2ffc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://dewi368.mstenergy.xyz
date
Sun, 09 Jun 2024 15:56:52 GMT
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
72
content-type
text/plain;charset=UTF-8
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 		72 B
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
195.138.255.24 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash
16dc11f7d35d4dc77b9a298759fc3b629a733205026ea7fe59530534209a2ffc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://dewi368.mstenergy.xyz
date
Sun, 09 Jun 2024 15:56:52 GMT
access-control-allow-credentials
true
content-length
72
content-type
text/plain;charset=UTF-8
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/ 		851 B
523 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=567155347929432085&pageId=pageId-1717948611968-9611712871734
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
195.138.255.18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash
e1780bfe284fd293fe17f186dc602e68aa3159046ce4e499883accdacebb02b4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:52 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
503
quic-version
0x00000001
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/ 		1 KB
632 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=579857628894334997&pageId=pageId-1717948611968-9611712871734
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
195.138.255.18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash
b0da3465a84e8efd2480164aea13365a39c3833bed95b4ac865360305ea95944

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 09 Jun 2024 15:56:52 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
612
quic-version
0x00000001
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 		285 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=579857628894334997&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=579857628894334997&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.64 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
17a08ca949b6aafa43a8cd1490fd52174a7c697bd5f8d4aa46036f89c36e2a43

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
185.204.1.183
Date
Tue, 28 May 2024 09:16:54 GMT
Content-Encoding
gzip
x-oss-request-id
6655A106429BC33337EF4DD3
X-Cache-Lookup
Cache Hit
Content-MD5
7P9nfeyJxYxyrA2r6d0ebw==
kwaisign
NULL
Connection
keep-alive
Content-Length
76998
X-Ks-Request-ID
14555452782306049322
X-Ks-Cache
Hit from 43.152.26.64
x-oss-object-type
Normal
Last-Modified
Tue, 28 May 2024 09:04:08 GMT
Server
Lego Server
Etag
"ECFF677DEC89C58C72AC0DABE9DD1E6F"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
14555452782306049322
Accept-Ranges
bytes
x-oss-hash-crc64ecma
7425553369367326137
x-oss-server-time
10
Expires
Thu, 27 Jun 2024 09:16:54 GMT
api
ads.mythad.com/log/common/co/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dewi368.mstenergy.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 09 Jun 2024 15:56:52 GMT
api
ads.mythad.com/log/common/co/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
195.138.255.18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash
ee54132eadcce9509b72e75f293970c386574decd253551bed3e21bb46c2a598

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 09 Jun 2024 15:56:53 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1021
quic-version
0x00000001
api
ads.mythad.com/log/common/co/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/graySdk/core.f43cddf82746bfc4.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
195.138.255.18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash
4714840a8bc6577eb3f4bf409fd0dd3c3e4e7cbf972347feae846b8410784b2d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Sun, 09 Jun 2024 15:56:53 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=utf-8
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
1012
quic-version
0x00000001
api
ads.mythad.com/log/common/co/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:9::210:ee16 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dewi368.mstenergy.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Sun, 09 Jun 2024 15:56:52 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.dewi188os.com
URL
https://www.dewi188os.com/css/ugsports/swiper.css
Domain
www.dewi188os.com
URL
https://www.dewi188os.com/fonts/ugsubskin/icomoon/style.min.css?v=1.3
Domain
www.dewi188os.com
URL
https://www.dewi188os.com/assets/images/log_html5.png
Domain
www.dewi188os.com
URL
https://www.dewi188os.com/assets/images/btn_playnow.png
Domain
www.dewi188os.com
URL
https://www.dewi188os.com/js/ugsports/app-mobile.js?id=5e41997091caa380a2c9
Domain
www.dewi188os.com
URL
https://www.dewi188os.com/getPokerJackpotAmt

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ardFunction function| fbq function| _fbq string| KwaiAnalyticsObject object| kwaiq object| install string| clientautodepo string| labelautodepo string| loadwl string| domainsystem string| uuidautodepo function| _0x5329 function| _0x1af3d6 string| apipath function| setupScriptOtomatis function| _0x2d89 function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| openNavItem function| closeNav number| newI string| host string| curr_host string| agent_url boolean| isAuth string| currencyCode string| lang string| agentCode function| formatNumber function| convertToNumber function| formatCurrency number| prize function| ajax_jackpot function| popitup function| popup function| commaSeparateNumber function| getRandomIntInclusive number| accLength function| bankAccLength function| changeLang function| alertLogin object| events function| Radar object| core object| _WEBLOGGER function| Weblog

7 Cookies

Domain/Path Name / Value
bumatek.boun.edu.tr/ Name: cookiesession1
Value: 678A3E55B1B91B65014A14A1082EFB0C
.dewi188os.com/ Name: __cf_bm
Value: SsI4BOudYsFhJIp1i75sj5PuYgDpf3lsngekBGUSe0g-1717948609-1.0.1.1-6POl6XbWlEkDO4LLGxn8UmA62MxOfjRFFiLoo8Jms0uobJaKBcI43XmOXgifw1703QSFc4E84yNLqbCx2auVmw
.sitestatic.net/ Name: __cf_bm
Value: dTYzV6bzUBOLKaVIYfFKTsgEPtZgJMVdde7hROT1EnM-1717948609-1.0.1.1-Rj8slV8HGhTCTeLjfc.FazHM9J1f5bhvIziFFCmQkTRMHp0JdDog_P6u6v.IOcKRWxP2dj8lUUS14Irle0a11Q
.mstenergy.xyz/ Name: _fbp
Value: fb.1.1717948610329.779444191465688638
.mstenergy.xyz/ Name: _did
Value: web_6890487696F6072E
.mstenergy.xyz/ Name: kwai_uuid
Value: 3ff9091f589368431fecbbf89ca24203
.mythad.com/ Name: kwai_ckid
Value: 1717948612446_5616527733687026

60 Console Messages

Source Level URL
Text
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.dewi188os.com/css/ugsports/swiper.css
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.dewi188os.com/fonts/ugsubskin/icomoon/style.min.css?v=1.3
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.dewi188os.com/assets/images/log_html5.png
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.dewi188os.com/assets/images/btn_playnow.png
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://dewi368.mstenergy.xyz/icomoon.woff2?h141kb
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.dewi188os.com/js/ugsports/app-mobile.js?id=5e41997091caa380a2c9
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation verbose URL: https://dewi368.mstenergy.xyz/
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript error URL: https://dewi368.mstenergy.xyz/
Message:
Access to XMLHttpRequest at 'https://www.dewi188os.com/getPokerJackpotAmt' from origin 'https://dewi368.mstenergy.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.dewi188os.com/getPokerJackpotAmt
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
javascript warning URL: https://dewi368.mstenergy.xyz/
Message:
The resource https://dewi368.mstenergy.xyz/icomoon.woff2?h141kb was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pokebob.online
ads.mythad.com
bumatek.boun.edu.tr
cdn.sitestatic.net
connect.facebook.net
dewi368.mstenergy.xyz
direct.clothesfashion.online
files.sitestatic.net
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
iili.io
logsdk.kwai-pro.com
qris.otomatis.vip
s1.kwai.net
www.dewi188os.com
www.facebook.com
www.dewi188os.com
104.21.235.70
154.83.2.16
157.240.252.13
161.9.151.82
172.67.172.48
172.67.69.226
188.114.97.3
195.138.255.18
195.138.255.24
199.232.192.193
2a00:1450:4001:81d::2003
2a00:1450:4001:81d::200a
2a02:26f0:480:9::210:ee16
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
43.152.26.64
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
06b3b723285deec88d88deb08bf651d1a66959b60959785fe07d4e2888de9998
0767c957a94e2cb366b1b32f568ed081335eace692e7007f8c3e42d050e2490e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16c6e52bde4cc463f31ed65f80f376b8c58a223f75b4bc3338d9d3b54d3431a4
16dc11f7d35d4dc77b9a298759fc3b629a733205026ea7fe59530534209a2ffc
16f5b6b3f05832ec5c501b053858f0c44db2175e8af1b55d51d39d3df5752f4a
17a08ca949b6aafa43a8cd1490fd52174a7c697bd5f8d4aa46036f89c36e2a43
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450
1ed30c846d58a68884e549ea69a8826034ab1d034874f4211454b9e34fed6ef7
1f80cdbf4cc504bcc47aa3fa33c4729dbe72e4df21e5610e4b3a15cfdb19d988
1fc4f4c5f6602edb29f7c65d50da1ce9a904922617604505d34464cd227eb5c6
217cd321d853553f2f72108dccb184d85dcf4816f79e4a203141574a0af9ac3a
230d6bc167e2bd82773b97c8a50ff08481d6006f1c4ecc547403cd5ae2e9b969
26936934bd1611d66d3c77d318d16af4e067d6b45ed70f9d914c2870949df658
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
3689e0482573b519c0e70686b17303b5439d7f931ef6b226f799f075aab39e00
390fdde3f04bc3c88a1f65f9c43bf9b0d9dc7162de456d9500e6928dec00f209
3936eeba9a43265b4a8231e235e20ccf1462bd79e86b918b9da41c9fac30cdaf
3eb2b812df04aa12e2f598c4847c516b077a0249ff62e84951c94fd9b22f31b1
4033ddb5c07522e6dec870574082458dabd076c334a5b1446d54e2da542e45dd
4258325d0e652bee5432a0d18b3b1d596659b03f5a86f0636565e78ad16f0a3f
4714840a8bc6577eb3f4bf409fd0dd3c3e4e7cbf972347feae846b8410784b2d
4fbf85a9cb3dd8d9b9cee3a1014e3caf54e5c48db130732840ba7733af1a01ec
51ecb52b412444d5649e7cb8e2dbceb134216bae4a3126f90e87e2a39223c48e
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5c58c101cc884efde178a3043489874d9f58bce38e1b6a6795ef8065abbf48f6
62ec963ec2ddda256157253e8ef9a8355423cfd49733c6a0192796c6d341e828
6d5d856ec5c1d566a929bd730f7425c1f67db9bf6cdce2f2108e5e8cab03313a
70780a7c65b77d6d22afe34711fd6571bdaff21596575801b9459f4f2db9855c
711da86b15e25cd5c91066ce1fb19d2acad6dc8f57f6514a73d27e61235b4f3c
74245c6e47902cbf49e7f703dfac18571e957f638ecd8c07b15c1a7bc6b484f9
7b1bc6ddf81b9212855c94157645c93be27c8380737f4ee22502220e2f57822d
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
891b06c855b5a66c0fcb5007d609e4c3a81f0cee98ffad8835ab8e98521b95c5
8bb4df4ed3cebbdd1921962669a4db8fac15e82261a858d2a3a7759294950368
8e458b6398b0f729b96a4c6134d5d11857f65832b5f66acabe27e7a9ff2d5e10
8fd75df23a36dc508478535ee809456a101fe36802252d6ebfb586dfaaf4c2d1
96a5e5a540a4dfbcd282bfbb91f69ddd72f7209719b7c11d0af648a5102d79da
9ad37d3fd1d807f2331b403b546b48bd7ddde2bcddd01711d7f163d1c43bcebf
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
9b93dcca4e1e75abd81f9aa0a92c61be17207bb1c3e0e47d7c1d7ac538fc4c98
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
af9a42baeabb75eb4eeb81d111196c4d5b129288f195c9ea8ab17b7344a29152
b0da3465a84e8efd2480164aea13365a39c3833bed95b4ac865360305ea95944
b2538d3b57022bc05f3800160ff645dabe6819fb899ac94603a7214fee5fa6b5
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd16aaf65d7bddfcf11f1834de29f3c40229eb31fe650a4101be6d30a07c5126
c1e770d64eb3fdf5bbbb8a366df90607632d68f266edc21af9230fe5181c1813
c754bb76abe4e581edaf719bc873d364e4e6031644fda40ad605eb3da37e7328
c783ae9a7961fcafdda9d2c0ea62c73fadc4811f06a4ffc08f7e654bb83cf472
c8a2f63033d659ab070c5fe3391e27c2e59ee90024dd48451f72ff4ff63ecbd9
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cdc9c3093d1d005ecb2f9bb322d8defba8bec58f505708e4d508335fa1fd87ef
cfc71a003148530cab6faceebfeeff722dd0c8805476b44a71eb74004a811bd1
d05e0345406f2d676efda2063643450279a9898463f1be66050ac9ea3786cd03
d0e10c58f30442fe280c8d102bfe08883fdcc2c4008a0032e68d2165816075cc
e1780bfe284fd293fe17f186dc602e68aa3159046ce4e499883accdacebb02b4
e3043faabfc9ef8064fceef7f739ce3346b98579cabcf518a9197f7d124292fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ddb9b51c5a2d9a773bdf1f50364aa809b41a3d0fa947fc485e2480647ad59c
ea5c630a2450f07fc3ec8347b7d48fa5e8022b5fd8a04c2d491ae9390403c2b6
ee54132eadcce9509b72e75f293970c386574decd253551bed3e21bb46c2a598
f018b8a0bda4f9ecf744ff4816799ca811d7fb0bb4e391f16612b6ad641c4d5f
f73ac99c08fabbedde5cae860087d7d16d9e6ab85863f83b6dd89e2a934012af
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0