Submitted URL: http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
Effective URL: https://dewi368.mstenergy.xyz/
Submission: On June 07 via api from US — Scanned from DE

Summary

This website contacted 18 IPs in 7 countries across 16 domains to perform 105 HTTP transactions. The main IP is 172.67.172.48, located in United States and belongs to CLOUDFLARENET, US. The main domain is dewi368.mstenergy.xyz.
TLS certificate: Issued by E1 on May 17th 2024. Valid for: 3 months.
This is the only time dewi368.mstenergy.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 161.9.151.82 8456 (ASBOUN)
1 2 188.114.96.3 13335 (CLOUDFLAR...)
6 172.67.172.48 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
5 10 199.232.196.193 54113 (FASTLY)
1 104.21.235.69 13335 (CLOUDFLAR...)
11 154.83.2.16 209242 (CLOUDFLAR...)
42 154.83.2.240 209242 (CLOUDFLAR...)
2 172.67.69.226 13335 (CLOUDFLAR...)
2 2a03:2880:f08... 32934 (FACEBOOK)
4 43.152.26.142 139341 (ACE-AS-AP...)
3 2a00:1450:400... 15169 (GOOGLE)
1 157.240.251.9 32934 (FACEBOOK)
4 2a03:2880:f17... 32934 (FACEBOOK)
2 95.101.75.43 20940 (AKAMAI-ASN1)
8 2a01:4a0:1338... 201011 (CORE-BACK...)
2 95.101.75.50 20940 (AKAMAI-ASN1)
105 18
Apex Domain
Subdomains
Transfer
53 sitestatic.net
cdn.sitestatic.net — Cisco Umbrella Rank: 26273
files.sitestatic.net — Cisco Umbrella Rank: 28224
2 MB
10 mythad.com
ads.mythad.com — Cisco Umbrella Rank: 30575
4 KB
10 imgur.com
i.imgur.com — Cisco Umbrella Rank: 7256
1 KB
6 mstenergy.xyz
dewi368.mstenergy.xyz
421 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 119
4 KB
4 kwai.net
s1.kwai.net — Cisco Umbrella Rank: 25410
161 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 70
2 KB
3 gstatic.com
fonts.gstatic.com
67 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 205
76 KB
2 kwai-pro.com
logsdk.kwai-pro.com — Cisco Umbrella Rank: 27519
483 B
2 otomatis.vip
qris.otomatis.vip — Cisco Umbrella Rank: 34634
591 B
2 boun.edu.tr
bumatek.boun.edu.tr
668 B
1 iili.io
iili.io — Cisco Umbrella Rank: 37354
643 KB
1 clothesfashion.online
direct.clothesfashion.online
478 B
1 pokebob.online
a.pokebob.online
620 B
0 dewi188os.com Failed
www.dewi188os.com Failed
105 16
Domain Requested by
42 files.sitestatic.net dewi368.mstenergy.xyz
11 cdn.sitestatic.net dewi368.mstenergy.xyz
10 ads.mythad.com s1.kwai.net
10 i.imgur.com 5 redirects dewi368.mstenergy.xyz
6 dewi368.mstenergy.xyz a.pokebob.online
dewi368.mstenergy.xyz
4 www.facebook.com dewi368.mstenergy.xyz
4 s1.kwai.net dewi368.mstenergy.xyz
s1.kwai.net
4 fonts.googleapis.com dewi368.mstenergy.xyz
3 fonts.gstatic.com fonts.googleapis.com
3 connect.facebook.net dewi368.mstenergy.xyz
connect.facebook.net
2 logsdk.kwai-pro.com s1.kwai.net
2 qris.otomatis.vip dewi368.mstenergy.xyz
2 bumatek.boun.edu.tr 1 redirects
1 iili.io dewi368.mstenergy.xyz
1 direct.clothesfashion.online 1 redirects
1 a.pokebob.online bumatek.boun.edu.tr
0 www.dewi188os.com Failed dewi368.mstenergy.xyz
cdn.sitestatic.net
105 17

This site contains links to these domains.

Domain
t.me
s3-ap-southeast-1.amazonaws.com
api.whatsapp.com
Subject | Issuer | Validity | Valid
pokebob.online | E1 | 2024-04-25 - 2024-07-24 | 3 months
mstenergy.xyz | E1 | 2024-05-17 - 2024-08-15 | 3 months
upload.video.google.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
iili.io | E1 | 2024-06-01 - 2024-08-30 | 3 months
sitestatic.net | Cloudflare Inc ECC CA-3 | 2023-12-19 - 2024-12-18 | a year
otomatis.vip | GTS CA 1P5 | 2024-04-18 - 2024-07-17 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-03-16 - 2024-06-14 | 3 months
*.kwai.net | GlobalSign RSA OV SSL CA 2018 | 2023-10-26 - 2024-11-26 | a year
*.gstatic.com | WR2 | 2024-05-21 - 2024-08-13 | 3 months
*.mythad.com | GlobalSign GCC R3 DV TLS CA 2020 | 2023-10-23 - 2024-11-23 | a year
*.kwai-pro.com | GlobalSign GCC R3 DV TLS CA 2020 | 2023-08-10 - 2024-09-10 | a year


This page contains 1 frames:

Primary Page: https://dewi368.mstenergy.xyz/
Frame ID: 2B7D0D55C25682410EA38C54AE1275BF
Requests: 100 HTTP requests in this frame

Page Title

dewi368 - Situs Slot Gampang Maxwin Terbaik

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

105
Requests

89 %
HTTPS

29 %
IPv6

16
Domains

17
Subdomains

18
IPs

7
Countries

3028 kB
Transfer

4884 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/ HTTP 307
    https://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/ HTTP 301
    http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/ HTTP 307
    http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/ Page URL
  2. https://a.pokebob.online/ Page URL
  3. https://direct.clothesfashion.online/fakevpn/daftar.html HTTP 301
    https://dewi368.mstenergy.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/ HTTP 307
  • https://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/ HTTP 301
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/ HTTP 307
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
Request Chain 3
  • https://i.imgur.com/dXa3HlG.gif HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 5
  • https://i.imgur.com/BfVw5nG.gif HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 6
  • https://i.imgur.com/TlmTWQm.gif HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 7
  • https://i.imgur.com/X4wgTCO.gif HTTP 302
  • https://i.imgur.com/removed.png
Request Chain 39
  • https://i.imgur.com/UWeWqPV.gif HTTP 302
  • https://i.imgur.com/removed.png

105 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
Redirect Chain
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
  • https://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
  • http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
102 B
276 B
Document
General
Full URL
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
Protocol
HTTP/1.1
Server
161.9.151.82 , Turkey, ASN8456 (ASBOUN, TR),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection
Keep-Alive
Content-Length
102
Content-Type
text/html
Date
Fri, 07 Jun 2024 16:19:43 GMT
Keep-Alive
timeout=5, max=100
Server
Apache

Redirect headers

Location
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
Non-Authoritative-Reason
HttpsUpgrades
/
a.pokebob.online/
271 B
620 B
Document
General
Full URL
https://a.pokebob.online/
Requested by
Host: bumatek.boun.edu.tr
URL: http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.30
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
http://bumatek.boun.edu.tr/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8901f7243fac3819-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 07 Jun 2024 16:19:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WzkvqIc0GDxCBO8nShzsSvrFCOs%2FM0PQMFry9AE2X0UiE2B5%2Bx%2FzXybFjEmOZou3nP%2Bc1Zhq5XRyLhEWDp3Lln7kPGcj%2BKyyM%2B%2B5IiB9nwuBkN2MFuKtlItxts6Mrq8c7I01"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
PHP/8.0.30
x-turbo-charged-by
LiteSpeed
Primary Request /
dewi368.mstenergy.xyz/
Redirect Chain
  • https://direct.clothesfashion.online/fakevpn/daftar.html
  • https://dewi368.mstenergy.xyz/
311 KB
25 KB
Document
General
Full URL
https://dewi368.mstenergy.xyz/
Requested by
Host: a.pokebob.online
URL: https://a.pokebob.online/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bd16aaf65d7bddfcf11f1834de29f3c40229eb31fe650a4101be6d30a07c5126

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://a.pokebob.online/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8901f73098b19201-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 07 Jun 2024 16:19:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6SFCadrz2wg2dMWJLaQ0NEzwlEKxpPSItYcX7Iu9IrKs16eMW%2B5CLZi8jUXH%2BRUulyfHVcthuMVuuEE9qJeM6T3JV1XR1HOV%2BQrFm4SL0%2BqI%2By0X2r6wvFcn3OW8Vcn0n3mPZH6XhwE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8901f72cfeb3694f-FRA
content-type
text/html; charset=iso-8859-1
date
Fri, 07 Jun 2024 16:19:45 GMT
location
https://dewi368.mstenergy.xyz/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I8OBQaOrex2x%2BJF3XmpHmHQE7XIdiElUZOAWM6EnufXBdQxVmxhfTNB7jwVm5ueyxg7dPDkhxORzcIKAKXaiCTryHzotu3MZ%2B4EZsZrEnO0VFrrEhSyivFGPfzmaFxYkLbhXMVGcrrrdW3%2BdLbML"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/
2 KB
979 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Raleway:900&display=swap
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d05e0345406f2d676efda2063643450279a9898463f1be66050ac9ea3786cd03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 16:19:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 16:19:46 GMT
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/dXa3HlG.gif
  • https://i.imgur.com/removed.png
503 B
0
Image
General
Full URL
https://i.imgur.com/removed.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dewi368.mstenergy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-content-type-options
nosniff
age
5307384
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220072-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1717777186.396632,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 82837

Redirect headers

x-cache-hits
0, 0
date
Fri, 07 Jun 2024 16:19:46 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
328
x-timer
S1717777186.388339,VS0,VE1
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kjyo7100158-IAD, cache-fra-etou8220072-FRA
JXbWH7a.gif
iili.io/
642 KB
643 KB
Image
General
Full URL
https://iili.io/JXbWH7a.gif
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.235.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ad37d3fd1d807f2331b403b546b48bd7ddde2bcddd01711d7f163d1c43bcebf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
38747
alt-svc
h3=":443"; ma=86400
content-length
657144
last-modified
Thu, 21 Mar 2024 12:41:13 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
image/gif
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=galn7Bw57gqQOauaMR3IVzyt21Q%2Bc69ap0%2FBIqGOeTSL6DQKTz9N62cC6w43yyRYaSjMGNppmNbRrLI4b%2F9jxam7agvYkZrSPNnS7pm4uWaKrsiXTXpzDh3z"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=315360000
accept-ranges
bytes
cf-ray
8901f735383ba01c-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/BfVw5nG.gif
  • https://i.imgur.com/removed.png
503 B
0
Image
General
Full URL
https://i.imgur.com/removed.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dewi368.mstenergy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-content-type-options
nosniff
age
5307384
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220072-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1717777186.396632,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 82837

Redirect headers

x-cache-hits
0, 0
date
Fri, 07 Jun 2024 16:19:46 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
0
x-timer
S1717777186.388307,VS0,VE102
x-cache
HIT, MISS
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kcgs7200077-IAD, cache-fra-etou8220072-FRA
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/TlmTWQm.gif
  • https://i.imgur.com/removed.png
503 B
724 B
Image
General
Full URL
https://i.imgur.com/removed.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dewi368.mstenergy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
age
5307384
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220072-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1717777186.396632,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 82837

Redirect headers

x-cache-hits
0, 2
date
Fri, 07 Jun 2024 16:19:46 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
27
x-timer
S1717777186.388289,VS0,VE0
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kjyo7100030-IAD, cache-fra-etou8220072-FRA
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/X4wgTCO.gif
  • https://i.imgur.com/removed.png
503 B
0
Image
General
Full URL
https://i.imgur.com/removed.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dewi368.mstenergy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-content-type-options
nosniff
age
5307384
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220072-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1717777186.396632,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 82837

Redirect headers

x-cache-hits
0, 1
date
Fri, 07 Jun 2024 16:19:46 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
328
x-timer
S1717777186.388263,VS0,VE1
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kiad7000125-IAD, cache-fra-etou8220072-FRA
jquery.min.js
cdn.sitestatic.net/assets/jquery/
85 KB
31 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
09A9JN4GB908875T
age
171099
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
hC8fP/J2852vWEH7WMgBQu4OVwFDCvJtsY2hhbnxC3QvNYEchCf/3Fdlod7iVIEpakp0YjbxjRjtnd6vKDSu7A==
last-modified
Sat, 29 Jul 2023 05:07:12 GMT
server
cloudflare
etag
W/"a09e13ee94d51c524b7e2a728c7d4039"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8901f7373bd22c04-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
bootstrap.min.js
cdn.sitestatic.net/assets/bootstrap/
39 KB
12 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/bootstrap/bootstrap.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
5J7FWDQCHGK3DDZW
age
161092
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
HBkmnLDPAnT6DJEPn7sE55VltpI2U+uXeA5IActZTgtslpAlS/onRRI313jCvDVIGfvJrg1bTF3JY0K9fVZTBw==
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8901f7373bd52c04-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
icomoon.woff2
dewi368.mstenergy.xyz/
0
0
Font
General
Full URL
https://dewi368.mstenergy.xyz/icomoon.woff2?h141kb
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Origin
https://dewi368.mstenergy.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
br
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F3T7DCn08ygAgOzqVAJPO%2BIGYJ%2BLgRmhSJEKb4BS4T0RZ3yzCGkNTYRJlIeNixbaFwyja6Qup199AfPaswtmEuJ2114AjEOMD00XQ1WP9f%2BsIszu0m%2FTP1b3aoydWWE9Qk4tO%2BcevtU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
max-age=14400
cf-ray
8901f734fd729201-FRA
alt-svc
h3=":443"; ma=86400
swiper.css
www.dewi188os.com/css/ugsports/
0
0

app-mobile.css
dewi368.mstenergy.xyz/
248 KB
46 KB
Stylesheet
General
Full URL
https://dewi368.mstenergy.xyz/app-mobile.css?id=d7271366690886d588ae
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2538d3b57022bc05f3800160ff645dabe6819fb899ac94603a7214fee5fa6b5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2024 23:57:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=O0b7cpO9Nz5MkfDQ6MQRuBXM%2BYIS6zzoAvNVVAg6TELTZBuY%2FdSR7545W%2FjEVmFkEcR8YkEaZlw5R1F0Qxx7JglVHuDuPxEiE%2BeRRgvUvEbCVeU%2Fxjjf4HBJVZvTw97ywKsUcm55jQc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8901f7353dac9201-FRA
alt-svc
h3=":443"; ma=86400
custom.css
dewi368.mstenergy.xyz/
28 KB
5 KB
Stylesheet
General
Full URL
https://dewi368.mstenergy.xyz/custom.css?id=d002093e299d92b41341
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62ec963ec2ddda256157253e8ef9a8355423cfd49733c6a0192796c6d341e828

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2024 23:57:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oIzmk5rxkUnnOMf0pCM9leDBVmwzR6rv%2F3NT1Ayj13UuQnGN7cHDrf%2FV0q9otEwToV3EP%2BmyU2JKkgJJOsHIg7f7j8onzyY33I7Pdt2JOCUWLzqxvHoMoQWq6pu%2BpZXqmVgLhDoWzVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=14400
cf-ray
8901f7353dae9201-FRA
alt-svc
h3=":443"; ma=86400
sweet_alert2.min.js
cdn.sitestatic.net/assets/jquery/
66 KB
18 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery/sweet_alert2.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
JZYX8TCRX9AD2A5S
age
201449
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ghVZOieNqMo+GX1Fff2t0wMpWQCUHLm8oJCpSlWrnljXieGAyM2kmQ3GeB1h/rHSMkJHbEo/vJI=
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"0c0de18caa00c8ea26099fb8cd50b05a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8901f7373bd62c04-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
jquery-ui.min.js
cdn.sitestatic.net/assets/jquery/
248 KB
68 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery-ui.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
A69ZPYGM9AWFJBT9
age
222939
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
H1vn9aa7nR2pmWwMj39IEClyDP+tcH0o0mTvobwZqMPRkwm9FOTdlBlSih11t5RLLo+CBQy/qVBzkt/2pijDFQ==
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"c15b1008dec3c8967ea657a7bb4baaec"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8901f7373bd92c04-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
jquery.ui.touch-punch.min.js
cdn.sitestatic.net/assets/jquery/
1 KB
962 B
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery.ui.touch-punch.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
SWA7K6W43ZZF0008
age
166063
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
uAS93uHsYvMlpbGnf6QZExzexkbMIPWPq33DZzEWGu5vstK60WA0x8Alu/fwSMK8y3Yc+OwvBAAtLCpeLA5LJQ==
last-modified
Sat, 29 Jul 2023 05:07:12 GMT
server
cloudflare
etag
W/"700b877cd3ade98ce6cd4be349d81a5c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8901f738ad732c04-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
65257984a64b2_output-onlinegiftools.gif
files.sitestatic.net/ImageFile/
540 KB
541 KB
Image
General
Full URL
https://files.sitestatic.net/ImageFile/65257984a64b2_output-onlinegiftools.gif
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff6d3169caaf0650fdb59ff85e16905c0e6748e93138f5b7882320c6baefc2b9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
kNBor1p6BRA9YbxsOG4OaCfRiAaMw.dz
cf-cache-status
HIT
x-amz-request-id
QDHBPY0ZQ7WXAJA3
age
227913
cf-polished
origFmt=gif, origSize=1906333
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="65257984a64b2_output-onlinegiftools.webp"
alt-svc
h3=":443"; ma=86400
content-length
553247
x-amz-id-2
0ECwzJEVRBoAPIzTk8IZVAT+WbzEpfupcktaNyeDbF7wkKv9hR4Fl41TwrdowOFLdXf+wlvLemM=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 10 Oct 2023 16:19:18 GMT
server
cloudflare
etag
"97b14322a17884cafbf60581291c49a7"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7373d04365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
64f9a3d900f37_64f583d516c92_RTP%20Slot%20Revisi.webp
files.sitestatic.net/ImageFile/
43 KB
43 KB
Image
General
Full URL
https://files.sitestatic.net/ImageFile/64f9a3d900f37_64f583d516c92_RTP%20Slot%20Revisi.webp
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0e10c58f30442fe280c8d102bfe08883fdcc2c4008a0032e68d2165816075cc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
c7yB6jomgfwrzPWi2ku6SflhYvwvrn3X
cf-cache-status
HIT
x-amz-request-id
N3HERHKXE6M2SERN
age
49781
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
43744
x-amz-id-2
+dZ6a5HhyoSU5poA+GMx5vIPR5QboidkBGhe5LqcDHlJwYAJZotgBMD9z0ocAw3VTTbzz8Qc5ORIRj/IDEQQeg==
last-modified
Thu, 07 Sep 2023 10:20:10 GMT
server
cloudflare
etag
"e7c7df2e4dd90db7f0934990c80c2297"
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7373d08365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
DEWI368.png
dewi368.mstenergy.xyz/
39 KB
40 KB
Image
General
Full URL
https://dewi368.mstenergy.xyz/DEWI368.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c754bb76abe4e581edaf719bc873d364e4e6031644fda40ad605eb3da37e7328

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
cf-cache-status
REVALIDATED
last-modified
Tue, 30 Apr 2024 23:57:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=58kDu64WZBCSwj3fwJIEd1WHaDWxGUjsCJ5JE%2BSgkDue6hjp01xQ%2BkNREpSMRmf97mxVXLorcxLbqZ5KDUDWTiXHuRM%2FleWXrNMbLh6tWBgPw%2BNZkLRgW%2F3r8bTh12rJhPWnPuAzquc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8901f7353daf9201-FRA
alt-svc
h3=":443"; ma=86400
content-length
40351
0_W_slider-5.jpg
dewi368.mstenergy.xyz/
304 KB
304 KB
Image
General
Full URL
https://dewi368.mstenergy.xyz/0_W_slider-5.jpg
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ed30c846d58a68884e549ea69a8826034ab1d034874f4211454b9e34fed6ef7

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
cf-cache-status
MISS
last-modified
Tue, 30 Apr 2024 23:57:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yqb7fztICbiIailnOw38ZD04clngBdaBm5D2M2%2B0veCVA2I5Adn9QCBQwyscLI2k%2Fk8x%2BmoWZ4mJHdbg6pKANi1HY%2Bq83aCxb6jpXqF4yVVmuzst3hJXWjJojgcCX1VDKhzBFR1niKU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8901f7353db19201-FRA
alt-svc
h3=":443"; ma=86400
content-length
311073
css2
fonts.googleapis.com/
1 KB
500 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Rubik+Mono+One&display=swap
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3936eeba9a43265b4a8231e235e20ccf1462bd79e86b918b9da41c9fac30cdaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 16:19:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 16:19:46 GMT
202401221335290000000e2d0f9467GGGAAAT__484x155.gif
files.sitestatic.net/progressive_img/
122 KB
122 KB
Image
General
Full URL
https://files.sitestatic.net/progressive_img/202401221335290000000e2d0f9467GGGAAAT__484x155.gif
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f90474aa3889d5cfb8408ebf8c520f74c122b37a66ac4fc4ebbadc05c8f481f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
e_LBZbKXy_o.D4Sns1FYRt_1avXN6jYY
cf-cache-status
HIT
x-amz-request-id
N3HCFPGTA1QHECBS
age
537690
cf-polished
origFmt=gif, origSize=185504
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="202401221335290000000e2d0f9467GGGAAAT__484x155.webp"
alt-svc
h3=":443"; ma=86400
content-length
124506
x-amz-id-2
xwfoUM/nsMV/kiOBKqEZht8BkyY5L0jnxr41VbXohbWvbpWPWqaWNl3Hs5FdLR2OqFKixIlnea4=
cf-bgj
imgq:85,h2pri
last-modified
Mon, 22 Jan 2024 05:35:30 GMT
server
cloudflare
etag
"4e79d82f2be598b87a076009aba01ee6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7373d0c365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Maneki_Neko.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
19 KB
20 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Maneki_Neko.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
70780a7c65b77d6d22afe34711fd6571bdaff21596575801b9459f4f2db9855c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
eZ.TWEy8Ec2ecekPKEkKj_TeO3SBPC1X
cf-cache-status
HIT
x-amz-request-id
NW6XPFMXA73V800S
age
71244
cf-polished
origFmt=png, origSize=22441
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Maneki_Neko.webp"
alt-svc
h3=":443"; ma=86400
content-length
19904
x-amz-id-2
Y1uLgwn7rxGhvKOp3bVR0YlRabZXwa9xD8f8Bjw2nxW5iRAC9+b5dX49YG7a9sVt9nBWHN+f17AP/79ITgmsvA==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 12 Apr 2024 10:53:08 GMT
server
cloudflare
etag
"650487dbd3efbb6cd1a3da6c1727cee2"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7373d0d365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Mahjong_Ways_Two.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
21 KB
22 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Mahjong_Ways_Two.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96a5e5a540a4dfbcd282bfbb91f69ddd72f7209719b7c11d0af648a5102d79da

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
x3JiK5B5fnGWCbLzlBqUhHUvBezzEkNG
cf-cache-status
HIT
x-amz-request-id
39064CVZ3FQP5GCG
age
156933
cf-polished
origSize=22530, status=webp_bigger
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
21781
x-amz-id-2
viNjTjUfqnRbHvBzteghXtKh5xk7LzJNfsO1rCqoxAgi8RGNmkFaoX/DzITkmjlX6XT0n4M2qv2OYDNG7Q7zyg==
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:46 GMT
server
cloudflare
etag
"bc01167bfc2cc3da649f2676848db923"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7373d11365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Gates_Of_Olympus.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
20 KB
21 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Gates_Of_Olympus.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c783ae9a7961fcafdda9d2c0ea62c73fadc4811f06a4ffc08f7e654bb83cf472

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
S4GR9uNWr.zKiF_6y5R8PTHxR5Zee5w9
cf-cache-status
HIT
x-amz-request-id
CJ0ABSKND8KNWCEQ
age
70164
cf-polished
origFmt=png, origSize=21732
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Gates_Of_Olympus.webp"
alt-svc
h3=":443"; ma=86400
content-length
20610
x-amz-id-2
oht5yK13hQ9jhsx5KmWHY4GzquuDGEhBeeGzL0pMCwvUAEkDn7Wr9FBRmQnENxnXcOKKE6C3eeH/XfOm6gBH9Q==
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:41 GMT
server
cloudflare
etag
"2ca81042859e7e09bec1de01b6f2a352"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7373d16365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Starlight_Princess.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
18 KB
19 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Starlight_Princess.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06b3b723285deec88d88deb08bf651d1a66959b60959785fe07d4e2888de9998

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
biiVY1BNQEW0ox8XUT4b3LEGy45XJ370
cf-cache-status
HIT
x-amz-request-id
CJ05DQD2KK3F9VWG
age
70164
cf-polished
origFmt=png, origSize=19891
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Starlight_Princess.webp"
alt-svc
h3=":443"; ma=86400
content-length
18698
x-amz-id-2
hxdioWwwcYox0t+CpmKNhRsXMt8XzqQv8mJ+8r8iSQkFYxXC9pfexJHLJm7q2OOCNLa36HIziD4=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:49 GMT
server
cloudflare
etag
"c0ebcad0fb5984762cc644bb6c4d1f07"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d6f365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Mahjong_Ways.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
19 KB
19 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Mahjong_Ways.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f73ac99c08fabbedde5cae860087d7d16d9e6ab85863f83b6dd89e2a934012af

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
In6gxRZ8b6PnTDNXDu.JBO90nm15oeCZ
cf-cache-status
HIT
x-amz-request-id
GMFMJ09611VX00PG
age
79703
cf-polished
origFmt=png, origSize=20153
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Mahjong_Ways.webp"
alt-svc
h3=":443"; ma=86400
content-length
19252
x-amz-id-2
6bMZW48rw4utdRgjUl0obmoXAH8AvGaaO9MUDvro106WHbbcjncatHNEnv+D/1dUARICZ9zKEhg=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:45 GMT
server
cloudflare
etag
"b971c6792f68d486371df509ad3c0661"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d70365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Sweet_Bonanza.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
16 KB
17 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Sweet_Bonanza.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb2b812df04aa12e2f598c4847c516b077a0249ff62e84951c94fd9b22f31b1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
0YrO38l4D.o9DfeiC.D7BmkxiULY_Aw5
cf-cache-status
HIT
x-amz-request-id
JWGC1H1VT0GC17VC
age
588345
cf-polished
origFmt=png, origSize=17058
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Sweet_Bonanza.webp"
alt-svc
h3=":443"; ma=86400
content-length
16686
x-amz-id-2
MZp1oBtCzK3FOJK2+7+JEkspQNlQvpObusOxo9iAP7Xn9pG5tMbdiq1shRQWnPY9v1hP2KYOd7Q1xMQePyLMew==
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:52 GMT
server
cloudflare
etag
"6cc91fa9659038c1b7d61d9e8794bb80"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d74365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Gates_Of_Olympus_1000.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
59 KB
60 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Gates_Of_Olympus_1000.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
26936934bd1611d66d3c77d318d16af4e067d6b45ed70f9d914c2870949df658

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
rP_jiNr3X7lkNOVoyNTwov0IZw2fozDU
cf-cache-status
HIT
x-amz-request-id
8BFF66PZKBJP7DGX
age
75408
cf-polished
origFmt=png, origSize=74738
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Gates_Of_Olympus_1000.webp"
alt-svc
h3=":443"; ma=86400
content-length
60708
x-amz-id-2
GgCzksKsFX093fpw7kMUmD+5D6riOx/QlEVsv+duJpVTfvslRWKg3yuGta32706zVqHf4+4h6/P4+QyHKrMoig==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 12 Jan 2024 12:52:59 GMT
server
cloudflare
etag
"62ef81bab5264926d8f2068140cd80e4"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d76365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Lucky_Neko.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
18 KB
18 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Lucky_Neko.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e458b6398b0f729b96a4c6134d5d11857f65832b5f66acabe27e7a9ff2d5e10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
pv76Enwz6LhszHxkVHUvGUms0dWzDTms
cf-cache-status
HIT
x-amz-request-id
CCN75E0HPDAAYM76
age
153490
cf-polished
origFmt=png, origSize=19347
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Lucky_Neko.webp"
alt-svc
h3=":443"; ma=86400
content-length
18078
x-amz-id-2
5KXNHFrOt875xUzoixWINUEF2anTNjCKHg1Sl24bozjAZtwzdLoZeGiRZ8T8o9GRV01Ftn+qqog=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:43 GMT
server
cloudflare
etag
"026aede0e800879a5cd791409692b598"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d7a365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Neko_Riches.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
17 KB
17 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Neko_Riches.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a2f63033d659ab070c5fe3391e27c2e59ee90024dd48451f72ff4ff63ecbd9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
G0.VTw5pykVmnpYd56sVm3_eZFvYRSpx
cf-cache-status
HIT
x-amz-request-id
SGZ92A69Y3THKSM0
age
149155
cf-polished
origFmt=png, origSize=17957
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Neko_Riches.webp"
alt-svc
h3=":443"; ma=86400
content-length
17126
x-amz-id-2
tnSy183kbEax05WA0XzkR/bMgz02+g1Y0ycEkh98sRtD7Ly/ye1pS7hOsizkyOUdTL43SjpGzzk=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:48 GMT
server
cloudflare
etag
"f764de80b2bfc14a2448a6b132d1ba7d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d7c365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Wild_Bandito.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
18 KB
19 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Wild_Bandito.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c58c101cc884efde178a3043489874d9f58bce38e1b6a6795ef8065abbf48f6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
bmBHQZ8z_J8SYtVcGWBxtmi9_xkPg73Q
cf-cache-status
HIT
x-amz-request-id
6KV2H9QZFNVJMBJ0
age
135317
cf-polished
origFmt=png, origSize=19636
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Wild_Bandito.webp"
alt-svc
h3=":443"; ma=86400
content-length
18740
x-amz-id-2
7O3WSwMCAx9lngmpm87nwgZnoRUcmp+LOXJz0za2wUKTsLfukPQUWXM28VN1kzU1sHcS4/WNMhwdN8kMnyddnA==
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:57 GMT
server
cloudflare
etag
"911838672d75d53326341e56fb1ad30d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d7e365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Starlight_Princess_1000.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
20 KB
20 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Starlight_Princess_1000.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ecb52b412444d5649e7cb8e2dbceb134216bae4a3126f90e87e2a39223c48e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
EBH7_w39F0Bzgds7kbimj7W80jT3Swhx
cf-cache-status
HIT
x-amz-request-id
FF2KK9YMFHNMC5J4
age
149154
cf-polished
origFmt=png, origSize=21375
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Starlight_Princess_1000.webp"
alt-svc
h3=":443"; ma=86400
content-length
20054
x-amz-id-2
5Zlb7ROfuivA+Sz69C+nSnJincyGsdG1XCvRK2HVQeI8gWAiiRvzB3Zh5FUEXMwRkkEc9fPvgog=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:51 GMT
server
cloudflare
etag
"21e420b9e0210a1662aed8aabb769d60"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d7f365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
merchant_active
qris.otomatis.vip/api/
0
0
Preflight
General
Full URL
https://qris.otomatis.vip/api/merchant_active
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dewi368.mstenergy.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://dewi368.mstenergy.xyz
alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8901f7370eb318af-FRA
date
Fri, 07 Jun 2024 16:19:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oPFT5oH%2B9He%2Fd9vz0Yek6Stz5m4q87yk4Q4RJcYQy69WrflGqlJXduAWuAcssonDOvUwtzWQ11z%2Fb2YOzC5mzbXu4i%2BTdU1eGBlaO0AlMqaKq%2B9BOl9nr6PLi0Y1W89UjEJX"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
fbevents.js
connect.facebook.net/en_US/
219 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 07 Jun 2024 16:19:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57975
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=14, mss=1297, tbw=2805, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
521c0Neeg+uoWv8OHXIv60VUsP1cWgsFosF3qEZ2yJPd7mUVIzcUg+pr8dByA0qC+R5QcU70iqBC/W7oW04RuA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/
10 KB
5 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=567155347929432085&lib=kwaiq
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
81.95.5.36
Date
Mon, 03 Jun 2024 09:07:34 GMT
Content-Encoding
gzip
x-oss-request-id
665D87D5E410DC35323AB3FF
X-Cache-Lookup
Cache Hit
Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign
NULL
Connection
keep-alive
Content-Length
3744
X-Ks-Request-ID
234282416246478232
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Mon, 27 May 2024 02:52:15 GMT
Server
Lego Server
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
234282416246478232
Accept-Ranges
bytes
x-oss-hash-crc64ecma
13562747518461854989
x-oss-server-time
179
Expires
Wed, 03 Jul 2024 09:07:34 GMT
events.js
s1.kwai.net/kos/s101/nlav11187/pixel/
10 KB
5 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=579857628894334997&lib=kwaiq
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
81.95.5.36
Date
Mon, 03 Jun 2024 09:07:34 GMT
Content-Encoding
gzip
x-oss-request-id
665D87D5E410DC35323AB3FF
X-Cache-Lookup
Cache Hit
Content-MD5
xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign
NULL
Connection
keep-alive
Content-Length
3744
X-Ks-Request-ID
9249296796519846076
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Mon, 27 May 2024 02:52:15 GMT
Server
Lego Server
Etag
"C5DC8475F5AE240BD1474B4467D9E7D8"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
9249296796519846076
Accept-Ranges
bytes
x-oss-hash-crc64ecma
13562747518461854989
x-oss-server-time
179
Expires
Wed, 03 Jul 2024 09:07:34 GMT
merchant_active
qris.otomatis.vip/api/
68 B
591 B
Fetch
General
Full URL
https://qris.otomatis.vip/api/merchant_active
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
cfc71a003148530cab6faceebfeeff722dd0c8805476b44a71eb74004a811bd1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json
Accept
application.json
Referer
https://dewi368.mstenergy.xyz/
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:47 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
Express
etag
W/"44-VQIPgLtuHZgtwdJsCodMGA3LTI8"
vary
Accept-Encoding, Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kPuLxciZRk%2FIfNk%2BmXqhiv1iNn4f5PtlVQt2yu%2BRBQJUmv8Of%2F8013PSr%2Fh8Y9YQX5AryHpwjXvG9qkgPWv19aDyBB2LCXS6el0TZexjRSR4X4muFf1woIVBfumJ9mxIYaJH"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-allow-credentials
true
cf-ray
8901f73de84518af-FRA
alt-svc
h3=":443"; ma=86400
removed.png
i.imgur.com/
Redirect Chain
  • https://i.imgur.com/UWeWqPV.gif
  • https://i.imgur.com/removed.png
503 B
0
Image
General
Full URL
https://i.imgur.com/removed.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Server
199.232.196.193 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cat factory 1.0 /
Resource Hash
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://dewi368.mstenergy.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-content-type-options
nosniff
age
5307384
x-cache
HIT, HIT
content-length
503
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-etou8220072-FRA
last-modified
Wed, 14 May 2014 05:44:36 GMT
server
cat factory 1.0
x-timer
S1717777186.396632,VS0,VE0
etag
"d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
23848, 82837

Redirect headers

x-cache-hits
0, 1
date
Fri, 07 Jun 2024 16:19:46 GMT
strict-transport-security
max-age=300
server
cat factory 1.0
age
27
x-timer
S1717777186.388351,VS0,VE1
x-cache
HIT, HIT
access-control-allow-methods
GET, OPTIONS
location
https://i.imgur.com/removed.png
access-control-allow-origin
*
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-iad-kjyo7100050-IAD, cache-fra-etou8220072-FRA
1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtzpbCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/
21 KB
22 KB
Font
General
Full URL
https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtzpbCIPrE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3689e0482573b519c0e70686b17303b5439d7f931ef6b226f799f075aab39e00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dewi368.mstenergy.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:17:54 GMT
x-content-type-options
nosniff
age
266512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21904
x-xss-protection
0
last-modified
Wed, 01 May 2024 20:31:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:17:54 GMT
4DShanghai_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/
13 KB
14 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/4DShanghai_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4258325d0e652bee5432a0d18b3b1d596659b03f5a86f0636565e78ad16f0a3f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T050800Z
date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
cRlmi4s8wMCueUkoYWKeggdETM4usH5h
cf-cache-status
HIT
x-amz-request-id
84FGN4S4T4FKX9B4
age
240843
cf-polished
origFmt=png, origSize=20831
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
7b537a9e0dc92ecbe35d74c61565c865fd3f8eb4158a7c1a5ae63431a6324410
content-disposition
inline; filename="4DShanghai_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
13496
x-amz-id-2
WC1OPhk1HprHaRKyMXmmVR+LBbKBsVDknoeZ+q7KcHc1oHpruz6Td1irIEIlwCCDZXvaRJOhteM=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:18 GMT
server
cloudflare
etag
"246e01762054b8d6f9739adb05545018"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379da2365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
toto_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/
12 KB
12 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/toto_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f018b8a0bda4f9ecf744ff4816799ca811d7fb0bb4e391f16612b6ad641c4d5f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T050149Z
date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
P753lleux34qcZIwp2K4VVYHiHlnT.Er
cf-cache-status
HIT
x-amz-request-id
T02HH0C8JZVNX307
age
458931
cf-polished
origFmt=png, origSize=17733
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
2db954930c796037a605d34adffd198beec535c530303cebc79d9bdedf5f1df8
content-disposition
inline; filename="toto_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
12116
x-amz-id-2
8cgFEKiNnTQZQoYn7BI4XKcGgxocoHtj8Vdopp+AlOCuv9DDtdFW1gJa1vuHqMg79acAphElZ+w=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:19 GMT
server
cloudflare
etag
"35aded89a44dc59b8d67c1dc2cd6c126"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379da4365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
pool_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/
14 KB
15 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/pool_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
16c6e52bde4cc463f31ed65f80f376b8c58a223f75b4bc3338d9d3b54d3431a4

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T050455Z
date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
55QMxsusrtDd9NXqFXdHZPJ1UDEV7Wfq
cf-cache-status
HIT
x-amz-request-id
T1WAA4HY9SBBJCRG
age
168845
cf-polished
origFmt=png, origSize=22113
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
a3918ee135aa18682d95357bcbf2ba1c10fdc135ee3abf372ce12e5cd70c4069
content-disposition
inline; filename="pool_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
14640
x-amz-id-2
fRnTMvqrSNsU0WltGyniwlny9MUmQYc3q2abO+BYW3SXY3ohznKZfGbbCW6vzmj8wixoRwoAslk+sYKvtMWoJQ==
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:19 GMT
server
cloudflare
etag
"031331cbf5f8550904b9ba00229c715b"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379da6365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
king4D_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/
11 KB
12 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/king4D_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3043faabfc9ef8064fceef7f739ce3346b98579cabcf518a9197f7d124292fc

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T051448Z
date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
HIs3pdprzJuXRnkeHlPIZSluw.r8t2rO
cf-cache-status
HIT
x-amz-request-id
GAQ06TSD9HQ1C56C
age
247952
cf-polished
origFmt=png, origSize=18340
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
37bfe8eb57cd9c5dc556cdb3662198849f7c638b6223fa7ec660e6375b767333
content-disposition
inline; filename="king4D_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
11598
x-amz-id-2
LSWHrAlJJfFUrzSGiv7khiglBCwxP18iw8ATL7wHFJPI9zPmIZHHzjgCrYl8Ae/5WJRFbQThyO73CcrR7hgIyg==
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:18 GMT
server
cloudflare
etag
"1f0b84960a0b799d0c9e88ba4c472d7f"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379da7365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
HKGrand_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/
13 KB
14 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/HKGrand_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1f80cdbf4cc504bcc47aa3fa33c4729dbe72e4df21e5610e4b3a15cfdb19d988

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T050936Z
date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
7wXd10smtwOxpDe9nqlnMnJOEyiOdjuX
cf-cache-status
HIT
x-amz-request-id
DY9WRJ8GDE5RSVG1
age
158249
cf-polished
origFmt=png, origSize=21303
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
71f72f2b2e6d7ea0ed575c6497efdd103f37f814eecc634fefb6af781cda273e
content-disposition
inline; filename="HKGrand_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
13584
x-amz-id-2
B68FzhxqwQtGZvIDehtQAj5X4GhFUDHHaN9NYHyYgex5Tnvz9ey9OJjNXeYRDcR3XOJ3ReqFz2E=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:18 GMT
server
cloudflare
etag
"f3a6b7700940af0420845d154f36fa1e"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379dab365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
amazon_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/
14 KB
15 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/hkgp_game_logos/amazon_b.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ddb9b51c5a2d9a773bdf1f50364aa809b41a3d0fa947fc485e2480647ad59c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210922T051244Z
date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
6VlmMuxQEQdG.vgAZco8lMzK_ragurOE
cf-cache-status
HIT
x-amz-request-id
ZFVARHB6MCRSWH1H
age
588345
cf-polished
origFmt=png, origSize=22771
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
86c21bf694873e0a95347027bbf7327bb122e14542500ed93759cd19f67093d5
content-disposition
inline; filename="amazon_b.webp"
alt-svc
h3=":443"; ma=86400
content-length
14596
x-amz-id-2
qvdtosGhJWV+1CQr3I9nI5B+3EO/1wAq3RR6UVjlTN9/bOzq4g2wnr3wCkeUNAboqZv+Ciu/uU0=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 22 Sep 2021 05:16:18 GMT
server
cloudflare
etag
"ed48fd95fe064232d6273d069139d854"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379daf365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
user.png
files.sitestatic.net/assets/imgs/gigagaming/
886 B
1 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/gigagaming/user.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4fbf85a9cb3dd8d9b9cee3a1014e3caf54e5c48db130732840ba7733af1a01ec

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20220715T092448Z
date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
BwLSKBdxhm3alFCnHjnbK_.lWXakwovR
cf-cache-status
HIT
x-amz-request-id
Y1EPSNNX268HXPC2
age
159365
cf-polished
origFmt=png, origSize=1402
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
82e9ec0c6df65415904210f107561a4ff1df6bf3233739d4fce8275bdc902198
content-disposition
inline; filename="user.webp"
alt-svc
h3=":443"; ma=86400
content-length
886
x-amz-id-2
bBjbCce+qWUDLezkgefW8d2OkNedR7ZTsFRnHP4Lnj5Cb14heRL4B07g9L+yD4FAQKFi78dCtQM=
cf-bgj
imgq:85,h2pri
last-modified
Fri, 15 Jul 2022 09:31:11 GMT
server
cloudflare
etag
"2e5275e8574c38ec016d594a9d719118"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379db0365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
cash.png
files.sitestatic.net/assets/imgs/gigagaming/
1 KB
2 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/gigagaming/cash.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
891b06c855b5a66c0fcb5007d609e4c3a81f0cee98ffad8835ab8e98521b95c5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20220715T092704Z
date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
87yPaoADlDjPrBkkch0QViK2kXzJ4itT
cf-cache-status
HIT
x-amz-request-id
3544YQST5X62E4MZ
age
65976
cf-polished
origFmt=png, origSize=2268
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
ae2181f834c42eb2382906275ae1192f39f57ea4f94bd318e916ffcf4f6571ba
content-disposition
inline; filename="cash.webp"
alt-svc
h3=":443"; ma=86400
content-length
1304
x-amz-id-2
e9q0lv5TNDrWGvhL4OKkmpMOUMNkFm0nY4YG9o53GiiwO3Ap9E7IYRhEJx5v/7Ux6Tz6UMhHDLQiO0IRLoqdwg==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 15 Jul 2022 09:31:11 GMT
server
cloudflare
etag
"774f301c1313f3fd760fc75d4a921ee6"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379db2365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
online.png
files.sitestatic.net/assets/imgs/gigagaming/
1 KB
2 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/gigagaming/online.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cdc9c3093d1d005ecb2f9bb322d8defba8bec58f505708e4d508335fa1fd87ef

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20220715T092624Z
date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
MW8EsZ__bFok98kkyCTjnHrto1TFEWEY
cf-cache-status
HIT
x-amz-request-id
GPMFYTKM51JDQFSH
age
156932
cf-polished
origFmt=png, origSize=1943
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
4601c973464ccad30f025ba2eb8f524c55917ec84eb93bbd6aa6768a65e88428
content-disposition
inline; filename="online.webp"
alt-svc
h3=":443"; ma=86400
content-length
1244
x-amz-id-2
2TA3jBfn9pbkYh1CrJG55DLCF7OBk/j8Ny4dL9kXRA2bG4px/3JzHVsmcy1jXpKjK7Yfuo2nhJw=
cf-bgj
imgq:85,h2pri
last-modified
Fri, 15 Jul 2022 09:31:11 GMT
server
cloudflare
etag
"0058dcbac59d5e17685880e45d2e57a8"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379db3365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
bank_col.jpg
files.sitestatic.net/sprites/bank_logos/
2 KB
2 KB
Image
General
Full URL
https://files.sitestatic.net/sprites/bank_logos/bank_col.jpg?v=3
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9a42baeabb75eb4eeb81d111196c4d5b129288f195c9ea8ab17b7344a29152

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
mf8_Ntbd6wMRnXvDqml_sFaja__VLggA
cf-cache-status
HIT
x-amz-request-id
BE8CAFZ8WN6VSP3H
age
170471
cf-polished
status=not_needed
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
1726
x-amz-id-2
YDH3Re0o3kmVDIw3nujUiI0ADvxjpFjD6frOVHThw+9b0fUemW92Xs5Nl7Nc6G8Eg8mU4GNnGkY=
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Dec 2023 04:25:54 GMT
server
cloudflare
etag
"af9df6537ae2ed0ce71c27996899b8d4"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379db5365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
ewallet_col.jpg
files.sitestatic.net/sprites/bank_logos/
1 KB
2 KB
Image
General
Full URL
https://files.sitestatic.net/sprites/bank_logos/ewallet_col.jpg?v=3
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1bc6ddf81b9212855c94157645c93be27c8380737f4ee22502220e2f57822d

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
YbJ8yC.ozANJQ2DTvJ_FOng9bCXoTnCd
cf-cache-status
HIT
x-amz-request-id
E88YBN7ZZ6DA9YHR
age
162620
cf-polished
qual=85, origFmt=jpeg, origSize=1410
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="ewallet_col.webp"
alt-svc
h3=":443"; ma=86400
content-length
1230
x-amz-id-2
p53Ztbbla3M4+PA4BDOspYXd+c3YJdgeSuzzNwxrcuYMm9SjbSigg+Lgi751RZyzyyVAoS3uzoQ=
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Dec 2023 04:25:55 GMT
server
cloudflare
etag
"a8fff466cb41638b9ec8809d201661da"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379db7365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
pulsa_col.jpg
files.sitestatic.net/sprites/bank_logos/
1 KB
2 KB
Image
General
Full URL
https://files.sitestatic.net/sprites/bank_logos/pulsa_col.jpg?v=3
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
230d6bc167e2bd82773b97c8a50ff08481d6006f1c4ecc547403cd5ae2e9b969

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
xhl01QGXRGhxbTKEa24j63rnPkNYvNt4
cf-cache-status
HIT
x-amz-request-id
73DKZ7R13NA7TQJ4
age
77882
cf-polished
qual=85, origFmt=jpeg, origSize=1239
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="pulsa_col.webp"
alt-svc
h3=":443"; ma=86400
content-length
1094
x-amz-id-2
jRavvZ83fEYDVaqTUyjnoF0Q+fyqa5zbgBRJKsaIKNTJs9RmA9SANz53bQXoYokIwtJJINa5l1bm0ZighWlzEg==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 01 Dec 2023 04:25:54 GMT
server
cloudflare
etag
"de6e906389c16211ca3beeba325e530d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7379db9365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
style.min.css
www.dewi188os.com/fonts/ugsubskin/icomoon/
0
0

log_html5.png
www.dewi188os.com/assets/images/
0
0

btn_playnow.png
www.dewi188os.com/assets/images/
0
0

jquery.validate.min.js
cdn.sitestatic.net/assets/jquery-validation/
24 KB
8 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery-validation/jquery.validate.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
HRFJV81ER5N1F9S5
age
161092
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rXRGOdq3BLFI73nAt0Xf1yaMcf7wi9CJWKYRfOJ2hgw9G9prbCjGQBLnVtcA3ZTTvfmTT8EkezQ=
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"5861a036c2de6c2df26749fe41d57605"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8901f737ec8d2c04-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
additional-methods.min.js
cdn.sitestatic.net/assets/jquery-validation/
22 KB
7 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery-validation/additional-methods.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
F0PYHYAE3CXEW9NZ
age
174891
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
6B2vACBnsVPoZfGBmzVUt1SyCoy4pthtQgmldH0TFjLWyPW75FH3NQ5OSJM4tXm7/qXtItYnXEZXjXiPOQrerg==
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"48babc4e826404ef8b8ca5bad48fc133"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8901f737ec8f2c04-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
jquery.fancybox.min.css
cdn.sitestatic.net/assets/fancybox/
12 KB
3 KB
Stylesheet
General
Full URL
https://cdn.sitestatic.net/assets/fancybox/jquery.fancybox.min.css
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
FFHVYP726TW4HJ4A
age
161092
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
RJD/hhMcx1ez8K5sbWUSgI9Xy3+6I15BxbnK8iXhUEnUrcZtkMmBgGux/cLH2Z0NgQcMLkAnWj8Uq4LdyJ7Ezg==
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"a2d42584292f64c5827e8b67b1b38726"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8901f737ec922c04-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
jquery.fancybox.min.js
cdn.sitestatic.net/assets/fancybox/
67 KB
22 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/fancybox/jquery.fancybox.min.js
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
ZMQT046M0PHMWHRB
age
170980
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
dBTJNUqE54OzFeaCXZLbVPGToXCZE7hug8k66sMAMdrh/AEAC1Kw96s6WOEmZ6wq4prgvuwOvhc=
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"49a6b4d019a934bcf83f0c397eba82d8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
8901f737ec942c04-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
app-mobile.js
www.dewi188os.com/js/ugsports/
0
0

326221803187753
connect.facebook.net/signals/config/
66 KB
14 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/326221803187753?v=2.9.157&r=stable&domain=dewi368.mstenergy.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b9f3c72c2b1ac604278d76d9d0a6069817842fccf2c84b4988c209bb7f6900dc
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 07 Jun 2024 16:19:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=61, mss=1297, tbw=63534, tp=-1, tpl=-1, uplat=76, ullat=0
pragma
public
x-fb-debug
z0QLJKKCV6WzlWRtQunAJ6lPZqMiOPBFts2S0PYBjYYAl69gzdQsU1zJ3xUo9ZF3RMmvOB3jB6hNbQ2ubSApjQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
911758476995311
connect.facebook.net/signals/config/
24 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/911758476995311?v=2.9.157&r=stable&domain=dewi368.mstenergy.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-fra5.fbcdn.net
Software
/
Resource Hash
16f5b6b3f05832ec5c501b053858f0c44db2175e8af1b55d51d39d3df5752f4a
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Fri, 07 Jun 2024 16:19:46 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=9, rtx=0, c=23, mss=1232, tbw=4620, tp=11, tpl=0, uplat=66, ullat=0
pragma
public
x-fb-debug
0EGJadLdHlO0b41Yb1FBfGsN6gxS57DaFAnwlAnHBZ2x7C2M+bqzJcp2Hui6pKI56M23c+77moX08/6t3i6qDQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=326221803187753&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717777186723&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717777186719.376245688963808843&cs_est=true&ler=other&cdl=API_unavailable&it=1717777186581&coo=false&rqm=GET
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=10, mss=1297, tbw=2834, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 07 Jun 2024 16:19:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
474 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=326221803187753&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717777186723&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717777186719.376245688963808843&cs_est=true&ler=other&cdl=API_unavailable&it=1717777186581&coo=false&rqm=FGET
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0715a00f99954051","source_keys":["1","2"]},{"key_piece":"0x922e6c8a0ffb8bd7","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 07 Jun 2024 16:19:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=14, mss=1297, tbw=6530, tp=-1, tpl=-1, uplat=205, ullat=0
pragma
no-cache
x-fb-debug
90m6GcxRKMM2i1lpcjVDPYGzL4HAheQQx9WNWt8BrFzAgubppr/F4VRIHE4+04yMxsh6UJlO6CIpdM226KbXiA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
103 B
Image
General
Full URL
https://www.facebook.com/tr/?id=911758476995311&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717777186805&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717777186719.376245688963808843&cs_est=true&ler=other&cdl=API_unavailable&it=1717777186581&coo=false&rqm=GET
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=11, rtx=0, c=14, mss=1297, tbw=3221, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Fri, 07 Jun 2024 16:19:46 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=911758476995311&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717777186805&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717777186719.376245688963808843&cs_est=true&ler=other&cdl=API_unavailable&it=1717777186581&coo=false&rqm=FGET
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

attribution-reporting-register-trigger
{"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x038871a8d0258221","source_keys":["1","2"]},{"key_piece":"0xcafa1f4808356c42","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding
zstd
x-content-type-options
nosniff
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security
max-age=15552000; preload
document-policy
force-load-at-top
date
Fri, 07 Jun 2024 16:19:46 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=14, mss=1297, tbw=3368, tp=-1, tpl=-1, uplat=153, ullat=0
pragma
no-cache
x-fb-debug
XuSjsEV+6wHGtgVh28u/QUF/cMXezAIjMBO6By0rLp3SjDK+52z1geaQjII+7a0hcgPTxTw0HK+72PUpCstTcA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
css2
fonts.googleapis.com/
5 KB
719 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;600&display=swap
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/app-mobile.css?id=d7271366690886d588ae
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d5d856ec5c1d566a929bd730f7425c1f67db9bf6cdce2f2108e5e8cab03313a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Fri, 07 Jun 2024 16:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 16:19:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 16:19:47 GMT
css2
fonts.googleapis.com/
5 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;600&display=swap
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/custom.css?id=d002093e299d92b41341
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6d5d856ec5c1d566a929bd730f7425c1f67db9bf6cdce2f2108e5e8cab03313a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 07 Jun 2024 16:19:47 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jun 2024 16:19:47 GMT
jquery-ui.min.css
cdn.sitestatic.net/assets/jquery/
31 KB
8 KB
Stylesheet
General
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery-ui.min.css
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:47 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
JT3F85NTTE5GQNSP
age
161093
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
jggiFn8G7neJe14p1dXRdnzotz1oHVEugiV1XWedT/lans/L0/76cScjZqjGTM8iZJGIsAa+6MooeGOhxE0vEA==
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"0b5729a931d113be34b6fac13bcf5b29"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8901f73dbc689125-FRA
expires
Sat, 07 Jun 2025 16:19:47 GMT
Maneki_Neko.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
19 KB
0
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Maneki_Neko.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
70780a7c65b77d6d22afe34711fd6571bdaff21596575801b9459f4f2db9855c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
eZ.TWEy8Ec2ecekPKEkKj_TeO3SBPC1X
cf-cache-status
HIT
x-amz-request-id
NW6XPFMXA73V800S
age
71244
cf-polished
origFmt=png, origSize=22441
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Maneki_Neko.webp"
alt-svc
h3=":443"; ma=86400
content-length
19904
x-amz-id-2
Y1uLgwn7rxGhvKOp3bVR0YlRabZXwa9xD8f8Bjw2nxW5iRAC9+b5dX49YG7a9sVt9nBWHN+f17AP/79ITgmsvA==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 12 Apr 2024 10:53:08 GMT
server
cloudflare
etag
"650487dbd3efbb6cd1a3da6c1727cee2"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7373d0d365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Mahjong_Ways_Two.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
21 KB
0
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Mahjong_Ways_Two.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
96a5e5a540a4dfbcd282bfbb91f69ddd72f7209719b7c11d0af648a5102d79da

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
x3JiK5B5fnGWCbLzlBqUhHUvBezzEkNG
cf-cache-status
HIT
x-amz-request-id
39064CVZ3FQP5GCG
age
156933
cf-polished
origSize=22530, status=webp_bigger
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
21781
x-amz-id-2
viNjTjUfqnRbHvBzteghXtKh5xk7LzJNfsO1rCqoxAgi8RGNmkFaoX/DzITkmjlX6XT0n4M2qv2OYDNG7Q7zyg==
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:46 GMT
server
cloudflare
etag
"bc01167bfc2cc3da649f2676848db923"
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7373d11365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Gates_Of_Olympus.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
20 KB
0
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Gates_Of_Olympus.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c783ae9a7961fcafdda9d2c0ea62c73fadc4811f06a4ffc08f7e654bb83cf472

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
S4GR9uNWr.zKiF_6y5R8PTHxR5Zee5w9
cf-cache-status
HIT
x-amz-request-id
CJ0ABSKND8KNWCEQ
age
70164
cf-polished
origFmt=png, origSize=21732
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Gates_Of_Olympus.webp"
alt-svc
h3=":443"; ma=86400
content-length
20610
x-amz-id-2
oht5yK13hQ9jhsx5KmWHY4GzquuDGEhBeeGzL0pMCwvUAEkDn7Wr9FBRmQnENxnXcOKKE6C3eeH/XfOm6gBH9Q==
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:41 GMT
server
cloudflare
etag
"2ca81042859e7e09bec1de01b6f2a352"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7373d16365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Starlight_Princess.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
18 KB
0
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Starlight_Princess.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
06b3b723285deec88d88deb08bf651d1a66959b60959785fe07d4e2888de9998

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
biiVY1BNQEW0ox8XUT4b3LEGy45XJ370
cf-cache-status
HIT
x-amz-request-id
CJ05DQD2KK3F9VWG
age
70164
cf-polished
origFmt=png, origSize=19891
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Starlight_Princess.webp"
alt-svc
h3=":443"; ma=86400
content-length
18698
x-amz-id-2
hxdioWwwcYox0t+CpmKNhRsXMt8XzqQv8mJ+8r8iSQkFYxXC9pfexJHLJm7q2OOCNLa36HIziD4=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:49 GMT
server
cloudflare
etag
"c0ebcad0fb5984762cc644bb6c4d1f07"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d6f365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Mahjong_Ways.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
19 KB
0
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Mahjong_Ways.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f73ac99c08fabbedde5cae860087d7d16d9e6ab85863f83b6dd89e2a934012af

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
In6gxRZ8b6PnTDNXDu.JBO90nm15oeCZ
cf-cache-status
HIT
x-amz-request-id
GMFMJ09611VX00PG
age
79703
cf-polished
origFmt=png, origSize=20153
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Mahjong_Ways.webp"
alt-svc
h3=":443"; ma=86400
content-length
19252
x-amz-id-2
6bMZW48rw4utdRgjUl0obmoXAH8AvGaaO9MUDvro106WHbbcjncatHNEnv+D/1dUARICZ9zKEhg=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:45 GMT
server
cloudflare
etag
"b971c6792f68d486371df509ad3c0661"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d70365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Sweet_Bonanza.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
16 KB
0
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Sweet_Bonanza.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb2b812df04aa12e2f598c4847c516b077a0249ff62e84951c94fd9b22f31b1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
0YrO38l4D.o9DfeiC.D7BmkxiULY_Aw5
cf-cache-status
HIT
x-amz-request-id
JWGC1H1VT0GC17VC
age
588345
cf-polished
origFmt=png, origSize=17058
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Sweet_Bonanza.webp"
alt-svc
h3=":443"; ma=86400
content-length
16686
x-amz-id-2
MZp1oBtCzK3FOJK2+7+JEkspQNlQvpObusOxo9iAP7Xn9pG5tMbdiq1shRQWnPY9v1hP2KYOd7Q1xMQePyLMew==
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:52 GMT
server
cloudflare
etag
"6cc91fa9659038c1b7d61d9e8794bb80"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d74365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Gates_Of_Olympus_1000.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
59 KB
0
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Gates_Of_Olympus_1000.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
26936934bd1611d66d3c77d318d16af4e067d6b45ed70f9d914c2870949df658

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
rP_jiNr3X7lkNOVoyNTwov0IZw2fozDU
cf-cache-status
HIT
x-amz-request-id
8BFF66PZKBJP7DGX
age
75408
cf-polished
origFmt=png, origSize=74738
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Gates_Of_Olympus_1000.webp"
alt-svc
h3=":443"; ma=86400
content-length
60708
x-amz-id-2
GgCzksKsFX093fpw7kMUmD+5D6riOx/QlEVsv+duJpVTfvslRWKg3yuGta32706zVqHf4+4h6/P4+QyHKrMoig==
cf-bgj
imgq:85,h2pri
last-modified
Fri, 12 Jan 2024 12:52:59 GMT
server
cloudflare
etag
"62ef81bab5264926d8f2068140cd80e4"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d76365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Lucky_Neko.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
18 KB
0
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Lucky_Neko.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e458b6398b0f729b96a4c6134d5d11857f65832b5f66acabe27e7a9ff2d5e10

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
pv76Enwz6LhszHxkVHUvGUms0dWzDTms
cf-cache-status
HIT
x-amz-request-id
CCN75E0HPDAAYM76
age
153490
cf-polished
origFmt=png, origSize=19347
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Lucky_Neko.webp"
alt-svc
h3=":443"; ma=86400
content-length
18078
x-amz-id-2
5KXNHFrOt875xUzoixWINUEF2anTNjCKHg1Sl24bozjAZtwzdLoZeGiRZ8T8o9GRV01Ftn+qqog=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:43 GMT
server
cloudflare
etag
"026aede0e800879a5cd791409692b598"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d7a365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Neko_Riches.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
17 KB
0
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Neko_Riches.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8a2f63033d659ab070c5fe3391e27c2e59ee90024dd48451f72ff4ff63ecbd9

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
G0.VTw5pykVmnpYd56sVm3_eZFvYRSpx
cf-cache-status
HIT
x-amz-request-id
SGZ92A69Y3THKSM0
age
149155
cf-polished
origFmt=png, origSize=17957
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Neko_Riches.webp"
alt-svc
h3=":443"; ma=86400
content-length
17126
x-amz-id-2
tnSy183kbEax05WA0XzkR/bMgz02+g1Y0ycEkh98sRtD7Ly/ye1pS7hOsizkyOUdTL43SjpGzzk=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:48 GMT
server
cloudflare
etag
"f764de80b2bfc14a2448a6b132d1ba7d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d7c365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Wild_Bandito.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
18 KB
0
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Wild_Bandito.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c58c101cc884efde178a3043489874d9f58bce38e1b6a6795ef8065abbf48f6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
bmBHQZ8z_J8SYtVcGWBxtmi9_xkPg73Q
cf-cache-status
HIT
x-amz-request-id
6KV2H9QZFNVJMBJ0
age
135317
cf-polished
origFmt=png, origSize=19636
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Wild_Bandito.webp"
alt-svc
h3=":443"; ma=86400
content-length
18740
x-amz-id-2
7O3WSwMCAx9lngmpm87nwgZnoRUcmp+LOXJz0za2wUKTsLfukPQUWXM28VN1kzU1sHcS4/WNMhwdN8kMnyddnA==
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:57 GMT
server
cloudflare
etag
"911838672d75d53326341e56fb1ad30d"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d7e365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
Starlight_Princess_1000.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/
20 KB
0
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Starlight_Princess_1000.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
51ecb52b412444d5649e7cb8e2dbceb134216bae4a3126f90e87e2a39223c48e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:46 GMT
x-amz-version-id
EBH7_w39F0Bzgds7kbimj7W80jT3Swhx
cf-cache-status
HIT
x-amz-request-id
FF2KK9YMFHNMC5J4
age
149154
cf-polished
origFmt=png, origSize=21375
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="Starlight_Princess_1000.webp"
alt-svc
h3=":443"; ma=86400
content-length
20054
x-amz-id-2
5Zlb7ROfuivA+Sz69C+nSnJincyGsdG1XCvRK2HVQeI8gWAiiRvzB3Zh5FUEXMwRkkEc9fPvgog=
cf-bgj
imgq:85,h2pri
last-modified
Tue, 07 Nov 2023 13:34:51 GMT
server
cloudflare
etag
"21e420b9e0210a1662aed8aabb769d60"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7377d7f365b-FRA
expires
Sat, 07 Jun 2025 16:19:46 GMT
theme-title-bg-img-t8.png
files.sitestatic.net/assets/imgs/gigagaming/
164 KB
165 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/gigagaming/theme-title-bg-img-t8.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/custom.css?id=d002093e299d92b41341
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
59eaa891acea59e47c542f2849d06002b9b889cb4e07450ae8f9cdc532024f60

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20211005T124514Z
date
Fri, 07 Jun 2024 16:19:47 GMT
x-amz-version-id
x5VDhcnp3nP0s.M0oRztWplpSrXCwPMh
cf-cache-status
HIT
x-amz-request-id
2ET4FSZSJYFP5CKD
age
157
cf-polished
origFmt=png, origSize=278698
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
8bb4df4ed3cebbdd1921962669a4db8fac15e82261a858d2a3a7759294950368
content-disposition
inline; filename="theme-title-bg-img-t8.webp"
alt-svc
h3=":443"; ma=86400
content-length
167880
x-amz-id-2
qKxhRBj1wl5aDIcRjNO2UarCJjatZyei8JP8BUd5EHkrncSr/YuO629bNVO1K4o/DMoV9XTTa3aEP4PQ0VlEmg==
cf-bgj
imgq:85,h2pri
last-modified
Tue, 05 Oct 2021 12:46:16 GMT
server
cloudflare
etag
"67dcb9bf24d0fb2cd64cc5430bc844f8"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f73dde7e365b-FRA
expires
Sat, 07 Jun 2025 16:19:47 GMT
title-bg-img.png
files.sitestatic.net/assets/imgs/gigagaming/
51 KB
51 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/gigagaming/title-bg-img.png
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/custom.css?id=d002093e299d92b41341
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea5c630a2450f07fc3ec8347b7d48fa5e8022b5fd8a04c2d491ae9390403c2b6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20210923T100609Z
date
Fri, 07 Jun 2024 16:19:47 GMT
x-amz-version-id
hQvZUrgpQh7YwY.9.NGIS5BTz3wjU90g
cf-cache-status
HIT
x-amz-request-id
Y11AXV7KX261QRE4
age
77537
cf-polished
origFmt=png, origSize=92329
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
217e7ec18e1c0a250d90170d1badf8f15ca1186693a1389cdf8264f6fdf805eb
content-disposition
inline; filename="title-bg-img.webp"
alt-svc
h3=":443"; ma=86400
content-length
52000
x-amz-id-2
AIY8iyFdmUN/sNY8fU3a/On+mONk7OgzbyA0Fscos1ccibrFEuBFP8SsPBNJp9npFCACBiSAVWPO/YSMFPQEoA==
cf-bgj
imgq:85,h2pri
last-modified
Thu, 23 Sep 2021 12:02:30 GMT
server
cloudflare
etag
"51e5cca82f51963c4c848bec65001cdc"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f73dde81365b-FRA
expires
Sat, 07 Jun 2025 16:19:47 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/
32 KB
32 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dewi368.mstenergy.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 01:36:19 GMT
x-content-type-options
nosniff
age
53008
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Jun 2025 01:36:19 GMT
UqyJK8kPP3hjw6ANTdfRk9YSN983TKU.woff2
fonts.gstatic.com/s/rubikmonoone/v18/
13 KB
13 KB
Font
General
Full URL
https://fonts.gstatic.com/s/rubikmonoone/v18/UqyJK8kPP3hjw6ANTdfRk9YSN983TKU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik+Mono+One&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c1e770d64eb3fdf5bbbb8a366df90607632d68f266edc21af9230fe5181c1813
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://dewi368.mstenergy.xyz
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 14:07:57 GMT
x-content-type-options
nosniff
age
267110
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12844
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:52:43 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Jun 2025 14:07:57 GMT
jquery-ui.min.css
cdn.sitestatic.net/assets/jquery/
31 KB
0
Stylesheet
General
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery-ui.min.css
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:47 GMT
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
JT3F85NTTE5GQNSP
age
161093
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
jggiFn8G7neJe14p1dXRdnzotz1oHVEugiV1XWedT/lans/L0/76cScjZqjGTM8iZJGIsAa+6MooeGOhxE0vEA==
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
server
cloudflare
etag
W/"0b5729a931d113be34b6fac13bcf5b29"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=31536000
cf-ray
8901f73dbc689125-FRA
expires
Sat, 07 Jun 2025 16:19:47 GMT
flags-sm.png
files.sitestatic.net/sprites/
12 KB
13 KB
Image
General
Full URL
https://files.sitestatic.net/sprites/flags-sm.png?v=8.1
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/app-mobile.css?id=d7271366690886d588ae
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fd75df23a36dc508478535ee809456a101fe36802252d6ebfb586dfaaf4c2d1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-meta-s3b-last-modified
20230215T020107Z
date
Fri, 07 Jun 2024 16:19:47 GMT
x-amz-version-id
hLUm81uQN3iSTcpk4UFxAE3C0h95JMA8
cf-cache-status
HIT
x-amz-request-id
9XZ69BNWZK6J8Z07
age
229944
cf-polished
origFmt=png, origSize=21986
x-amz-server-side-encryption
AES256
x-amz-meta-sha256
bcad67cbdce6856e5b7d009d7a6d5a29a468fd459661b7cfda87cee20d0de26a
content-disposition
inline; filename="flags-sm.webp"
alt-svc
h3=":443"; ma=86400
content-length
12586
x-amz-id-2
VSA0JRcLoaDeHDW3X5B+iozbUqFuGsywJ87Mz1gk+g3eslcw53LviiMtI7pt4efNt2FPv6uQZCI=
cf-bgj
imgq:85,h2pri
last-modified
Wed, 15 Feb 2023 02:23:05 GMT
server
cloudflare
etag
"f65867ed882901895a6527c452994998"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f73f48d8365b-FRA
expires
Sat, 07 Jun 2025 16:19:47 GMT
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/
263 B
253 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
95.101.75.43 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-75-43.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e9d6e527652f3af0e98c1b86600a43888dcc7b59d0057b1c97b0491233c559ae

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 07 Jun 2024 16:19:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
234
quic-version
0x00000001
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dewi368.mstenergy.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 07 Jun 2024 16:19:49 GMT
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/
269 B
254 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=579857628894334997&lib=kwaiq
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
95.101.75.43 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-75-43.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
fc6f9eb7bbc5187b80b5c9a72496bfd4ad077b5276910626eeae5bb90b19079e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

date
Fri, 07 Jun 2024 16:19:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
235
quic-version
0x00000001
getGrayInfo
ads.mythad.com/rest/n/adintl/gray/
0
0
Preflight
General
Full URL
https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dewi368.mstenergy.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
0
date
Fri, 07 Jun 2024 16:19:49 GMT
getPokerJackpotAmt
www.dewi188os.com/
0
0

20240408222923000000d86f259affGGGAAAT__647x1280.jpg
files.sitestatic.net/promotion_banners/
139 KB
139 KB
Image
General
Full URL
https://files.sitestatic.net/promotion_banners/20240408222923000000d86f259affGGGAAAT__647x1280.jpg
Requested by
Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
d466f4a1f8081797fb8728c3b348bde084abdd8639620acd5465c2d5c8c71a2c

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:47 GMT
x-amz-version-id
SsLAQosIVwPpnCGGtHLI8LIDdy45mUEl
cf-cache-status
HIT
x-amz-request-id
QVEBYTQBZDA91XG4
age
71243
cf-polished
qual=85, origFmt=jpeg, origSize=268811
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="20240408222923000000d86f259affGGGAAAT__647x1280.webp"
alt-svc
h3=":443"; ma=86400
content-length
142284
x-amz-id-2
NGI4u3McdzVn4JbwR71sq0yh8oExuN27pioq1uFGy8RGTVQ73VTv55zB3Gi1RK5ca4LjRfhCc9JopGLY3jnOOw==
cf-bgj
imgq:85,h2pri
last-modified
Mon, 08 Apr 2024 14:29:24 GMT
server
cloudflare
etag
"1ccde547540f3df0811976ed130cc170"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7402a8a365b-FRA
expires
Sat, 07 Jun 2025 16:19:47 GMT
62b678fe711a9_imgpsh_fullsize_anim%20(2).png
files.sitestatic.net/ImageFile/
51 KB
52 KB
Other
General
Full URL
https://files.sitestatic.net/ImageFile/62b678fe711a9_imgpsh_fullsize_anim%20(2).png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
154.83.2.240 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5859fcc9c39f9d180c1d660851e7fdfee95868aa09331eece97f87917c9acfe1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:47 GMT
x-amz-version-id
RYmX9QGpGBbcMMl5EEqN_ALZtCak_hl.
cf-cache-status
HIT
x-amz-request-id
BPE0ZZDERRX1NJEG
age
263581
cf-polished
origFmt=png, origSize=92119
x-amz-server-side-encryption
AES256
content-disposition
inline; filename="62b678fe711a9_imgpsh_fullsize_anim%20(2).webp"
alt-svc
h3=":443"; ma=86400
content-length
52252
x-amz-id-2
FiqQfrZUmYU1AxqHEGkVxQkfuy2oSJu473kfmv5RDC94UciV1LX7Z7WOSH02EmT+e1ONNpQqoDo=
cf-bgj
imgq:85,h2pri
last-modified
Sat, 25 Jun 2022 02:54:55 GMT
server
cloudflare
etag
"0b5e3632e59bde67cc678dbd86180678"
vary
Accept
content-type
image/webp
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
8901f7407aea365b-FRA
expires
Sat, 07 Jun 2025 16:19:47 GMT
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/
285 KB
76 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=567155347929432085&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
17a08ca949b6aafa43a8cd1490fd52174a7c697bd5f8d4aa46036f89c36e2a43

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
81.95.5.36
Date
Wed, 05 Jun 2024 02:18:24 GMT
Content-Encoding
gzip
x-oss-request-id
665FCAF0ADA096373074FD63
X-Cache-Lookup
Cache Hit
Content-MD5
7P9nfeyJxYxyrA2r6d0ebw==
kwaisign
NULL
Connection
keep-alive
Content-Length
76866
X-Ks-Request-ID
1289028665555813088
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Tue, 28 May 2024 09:04:08 GMT
Server
Lego Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
1289028665555813088
Accept-Ranges
bytes
x-oss-hash-crc64ecma
7425553369367326137
x-oss-server-time
42
Expires
Fri, 05 Jul 2024 02:18:24 GMT
core.js
s1.kwai.net/kos/s101/nlav11187/pixel/core/
285 KB
76 KB
Script
General
Full URL
https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=579857628894334997&lib=kwaiq
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=579857628894334997&lib=kwaiq
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
43.152.26.142 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
Lego Server /
Resource Hash
17a08ca949b6aafa43a8cd1490fd52174a7c697bd5f8d4aa46036f89c36e2a43

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-ks-client-ip
81.95.5.36
Date
Wed, 05 Jun 2024 02:18:24 GMT
Content-Encoding
gzip
x-oss-request-id
665FCAF0ADA096373074FD63
X-Cache-Lookup
Cache Hit
Content-MD5
7P9nfeyJxYxyrA2r6d0ebw==
kwaisign
NULL
Connection
keep-alive
Content-Length
76866
X-Ks-Request-ID
636951654094670782
X-Ks-Cache
Hit from 43.152.26.142
x-oss-object-type
Normal
Last-Modified
Tue, 28 May 2024 09:04:08 GMT
Server
Lego Server
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control
no-cache
x-oss-storage-class
Standard
X-NWS-LOG-UUID
636951654094670782
Accept-Ranges
bytes
x-oss-hash-crc64ecma
7425553369367326137
x-oss-server-time
42
Expires
Fri, 05 Jul 2024 02:18:24 GMT
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/
70 B
196 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.75.50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-75-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
66a91cd1dbe47bbb7b8a993a0ca4aba56be9390b8a1fbb05bbddd7f062436ed5

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://dewi368.mstenergy.xyz
date
Fri, 07 Jun 2024 16:19:49 GMT
access-control-allow-credentials
true
content-length
70
content-type
text/plain;charset=UTF-8
radar
logsdk.kwai-pro.com/rest/wd/common/log/collect/
72 B
287 B
XHR
General
Full URL
https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.75.50 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-75-50.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f7e4caca29a636b59f9c4021cd241a6930f0aa5f8178e5cf258e401446305cb

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://dewi368.mstenergy.xyz
date
Fri, 07 Jun 2024 16:19:49 GMT
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
72
content-type
text/plain;charset=UTF-8
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/
853 B
855 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=567155347929432085&pageId=pageId-1717777188866-9588139113226
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash
5cda08a9cd22aa7e7d13286549db37e6f7465c9f556a6d74d18feeaa296f7a57

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 07 Jun 2024 16:19:49 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length
503
getPixelConfig
ads.mythad.com/rest/n/adintl/ad/
1 KB
878 B
XHR
General
Full URL
https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=579857628894334997&pageId=pageId-1717777188866-9588139113226
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash
42c6bf8587e040e4711440d229921f3c35c9c8668a935269789b686eb62c7023

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://dewi368.mstenergy.xyz
date
Fri, 07 Jun 2024 16:19:49 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
615
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
api
ads.mythad.com/log/common/co/
2 KB
1 KB
XHR
General
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash
94700cce20eb3e2b62d393044e86ffc6e8d0846997e13545e0bd11aa572457a6

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://dewi368.mstenergy.xyz
date
Fri, 07 Jun 2024 16:19:49 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
1013
vary
Accept-Encoding
content-type
application/json;charset=utf-8
api
ads.mythad.com/log/common/co/
0
0
Preflight
General
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dewi368.mstenergy.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 07 Jun 2024 16:19:49 GMT
api
ads.mythad.com/log/common/co/
2 KB
1 KB
XHR
General
Full URL
https://ads.mythad.com/log/common/co/api
Requested by
Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash
653b96c997f7bd6fdd915083001654cb239ce9f12f4312336004b2d1ac296560

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://dewi368.mstenergy.xyz/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type
application/json

Response headers

access-control-allow-origin
https://dewi368.mstenergy.xyz
date
Fri, 07 Jun 2024 16:19:49 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
1017
vary
Accept-Encoding
content-type
application/json;charset=utf-8
api
ads.mythad.com/log/common/co/
0
0
Preflight
General
Full URL
https://ads.mythad.com/log/common/co/api
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff18 , Germany, ASN201011 (CORE-BACKBONE CORE-BACKBONE GMBH GLOBAL NETWORK, DE),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://dewi368.mstenergy.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://dewi368.mstenergy.xyz
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Fri, 07 Jun 2024 16:19:49 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.dewi188os.com
URL
https://www.dewi188os.com/css/ugsports/swiper.css
Domain
www.dewi188os.com
URL
https://www.dewi188os.com/fonts/ugsubskin/icomoon/style.min.css?v=1.3
Domain
www.dewi188os.com
URL
https://www.dewi188os.com/assets/images/log_html5.png
Domain
www.dewi188os.com
URL
https://www.dewi188os.com/assets/images/btn_playnow.png
Domain
www.dewi188os.com
URL
https://www.dewi188os.com/js/ugsports/app-mobile.js?id=5e41997091caa380a2c9
Domain
www.dewi188os.com
URL
https://www.dewi188os.com/getPokerJackpotAmt

Verdicts & Comments

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| ardFunction
function| fbq
function| _fbq
string| KwaiAnalyticsObject
object| kwaiq
object| install
string| clientautodepo
string| labelautodepo
string| loadwl
string| domainsystem
string| uuidautodepo
function| _0x5329
function| _0x1af3d6
string| apipath
function| setupScriptOtomatis
function| _0x2d89
function| $
function| jQuery
function| Sweetalert2
function| SweetAlert
function| Swal
function| sweetAlert
function| swal
function| openNavItem
function| closeNav
number| newI
string| host
string| curr_host
string| agent_url
boolean| isAuth
string| currencyCode
string| lang
string| agentCode
function| formatNumber
function| convertToNumber
function| formatCurrency
number| prize
function| ajax_jackpot
function| popitup
function| popup
function| commaSeparateNumber
function| getRandomIntInclusive
number| accLength
function| bankAccLength
function| changeLang
object| events
function| alertLogin
function| Radar
object| core
object| _WEBLOGGER
function| Weblog

7 Cookies

Domain/Path Name / Value
bumatek.boun.edu.tr/ Name: cookiesession1
Value: 678A3E55D7966330B24560163A310F21
.dewi188os.com/ Name: __cf_bm
Value: Th0N7inzrNn78NtmT5tqWdptAK1WNl4vKdFBBOBjxDw-1717777186-1.0.1.1-UlOecocwdfRIgVwa3UfJtaI7mK0WEKDanimU7Yi.7Jm6.nJJvkXuXVARHhTFOiaTPmODS38n8XfKqIp7huJrDw
.sitestatic.net/ Name: __cf_bm
Value: jz8y.IuZZgWoTaqzrEVFehQhIjUHbDQn7T1qPITMAqc-1717777186-1.0.1.1-eXgINK2EORBp6B7q62KSc.1vcib4QsXCvYVxoTBlA85vMO0j3m46No07PcDa40.ZV3qwLWYutoIzYwJGffp3Ow
.mstenergy.xyz/ Name: _fbp
Value: fb.1.1717777186719.376245688963808843
.mstenergy.xyz/ Name: _did
Value: web_7883665079822C08
.mstenergy.xyz/ Name: kwai_uuid
Value: c7a70059efb14dd8388b2697ced10561
.mythad.com/ Name: kwai_ckid
Value: 1717777189045_5432590394721178

62 Console Messages

Source Level URL
Text
network error URL: https://www.dewi188os.com/css/ugsports/swiper.css
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other warning URL: https://dewi368.mstenergy.xyz/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.dewi188os.com/fonts/ugsubskin/icomoon/style.min.css?v=1.3
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other warning URL: https://dewi368.mstenergy.xyz/(Line 199)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://www.dewi188os.com/assets/images/log_html5.png
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://www.dewi188os.com/assets/images/btn_playnow.png
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://www.dewi188os.com/js/ugsports/app-mobile.js?id=5e41997091caa380a2c9
Message:
Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
network error URL: https://dewi368.mstenergy.xyz/icomoon.woff2?h141kb
Message:
Failed to load resource: the server responded with a status of 404 ()
other warning URL: https://dewi368.mstenergy.xyz/(Line 4084)
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation verbose URL: https://dewi368.mstenergy.xyz/
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o
javascript error URL: https://dewi368.mstenergy.xyz/
Message:
Access to XMLHttpRequest at 'https://www.dewi188os.com/getPokerJackpotAmt' from origin 'https://dewi368.mstenergy.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://www.dewi188os.com/getPokerJackpotAmt
Message:
Failed to load resource: net::ERR_FAILED
javascript warning URL: https://dewi368.mstenergy.xyz/
Message:
The resource https://dewi368.mstenergy.xyz/icomoon.woff2?h141kb was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
