Submitted URL: https://desawin138.cloud/
Effective URL: https://desawin138.cloud/desktop/
Submission: On November 26 via api from BE — Scanned from US

Summary

This website contacted 16 IPs in 2 countries across 17 domains to perform 102 HTTP transactions. The main IP is 2606:4700:3036::ac43:a31c, located in United States and belongs to CLOUDFLARENET, US. The main domain is desawin138.cloud.
TLS certificate: Issued by WE1 on November 19th 2024. Valid for: 3 months.
This is the only time desawin138.cloud was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 2606:4700:303... 13335 (CLOUDFLAR...)
3 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
55 45.194.53.13 209242 (CLOUDFLAR...)
7 2606:4700:303... 13335 (CLOUDFLAR...)
3 2600:9000:251... 16509 (AMAZON-02)
1 2606:4700:440... 13335 (CLOUDFLAR...)
1 169.197.85.95 26548 (PUREVOLTA...)
3 157.185.177.217 54994 (ML-1432-5...)
1 2 142.204.41.164 10265 (SENECA-AS...)
2 2a03:2880:f35... 32934 (FACEBOOK)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2a03:2880:f35... 32934 (FACEBOOK)
102 16
Apex Domain
Subdomains
Transfer
55 sitestatic.net
cdn.sitestatic.net — Cisco Umbrella Rank: 35952
files.sitestatic.net — Cisco Umbrella Rank: 33939
626 KB
17 desawin138.cloud
desawin138.cloud
171 KB
7 imgbob.online
imgbob.online — Cisco Umbrella Rank: 399223
520 KB
3 anhuidingyue.com
dlntdk2it99.anhuidingyue.com — Cisco Umbrella Rank: 171573
101 KB
3 cloudfront.net
d2rzzcn1jnr24x.cloudfront.net
37 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
284 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 120
213 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 192
76 KB
1 gstatic.com
fonts.gstatic.com
37 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 29
1 KB
1 senecapolytechnic.ca
wiki.cdot.senecapolytechnic.ca
20 KB
1 senecacollege.ca
wiki.cdot.senecacollege.ca
371 B
1 ibb.co
i.ibb.co — Cisco Umbrella Rank: 14048
573 KB
1 linkcdn.cloud
images.linkcdn.cloud — Cisco Umbrella Rank: 56625
4 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225
11 KB
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 36
0 co.com Failed
i.ibb.co.com Failed
102 17
Domain Requested by
45 files.sitestatic.net desawin138.cloud
17 desawin138.cloud desawin138.cloud
cdn.sitestatic.net
10 cdn.sitestatic.net desawin138.cloud
7 imgbob.online desawin138.cloud
3 dlntdk2it99.anhuidingyue.com desawin138.cloud
3 d2rzzcn1jnr24x.cloudfront.net desawin138.cloud
3 www.googletagmanager.com desawin138.cloud
www.googletagmanager.com
2 www.facebook.com desawin138.cloud
2 connect.facebook.net desawin138.cloud
connect.facebook.net
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com desawin138.cloud
1 wiki.cdot.senecapolytechnic.ca desawin138.cloud
1 wiki.cdot.senecacollege.ca 1 redirects
1 i.ibb.co desawin138.cloud
1 images.linkcdn.cloud desawin138.cloud
1 cdnjs.cloudflare.com desawin138.cloud
1 www.google-analytics.com www.googletagmanager.com
0 i.ibb.co.com Failed
102 18

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
api.whatsapp.com
s3-ap-southeast-1.amazonaws.com
Subject Issuer Validity Valid
desawin138.cloud
WE1
2024-11-19 -
2025-02-17
3 months crt.sh
*.google-analytics.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
cdnjs.cloudflare.com
WE1
2024-11-26 -
2025-02-24
3 months crt.sh
sitestatic.net
WE1
2024-11-17 -
2025-02-16
3 months crt.sh
imgbob.online
WE1
2024-10-08 -
2025-01-06
3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01
2024-07-30 -
2025-07-03
a year crt.sh
linkcdn.cloud
WE1
2024-10-08 -
2025-01-06
3 months crt.sh
ibb.co
E6
2024-10-21 -
2025-01-19
3 months crt.sh
*.anhuidingyue.com
Sectigo RSA Domain Validation Secure Server CA
2024-01-17 -
2025-02-05
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-09-05 -
2024-12-04
3 months crt.sh
upload.video.google.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh
*.gstatic.com
WR2
2024-10-21 -
2025-01-13
3 months crt.sh

This page contains 1 frames:

Primary Page: https://desawin138.cloud/desktop/
Frame ID: 2FAEFC5D665526685EFDE599DD90FEAC
Requests: 102 HTTP requests in this frame

Screenshot

Page Title

DESAWIN138 || SITUS SLOT ONLINE TERBAIK & TERPERCAYA 2024

Page URL History Show full URLs

  1. https://desawin138.cloud/ Page URL
  2. https://desawin138.cloud/desktop/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

102
Requests

96 %
HTTPS

73 %
IPv6

17
Domains

18
Subdomains

16
IPs

2
Countries

2461 kB
Transfer

4374 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://desawin138.cloud/ Page URL
  2. https://desawin138.cloud/desktop/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 78
  • https://wiki.cdot.senecacollege.ca/w/imgs/thumb/APK_Logo.png/250px-APK_Logo.png HTTP 302
  • https://wiki.cdot.senecapolytechnic.ca/w/imgs/thumb/APK_Logo.png/250px-APK_Logo.png

102 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
desawin138.cloud/
4 KB
2 KB
Document
General
Full URL
https://desawin138.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1c3cafc060d453424adc8da5338753a9d72b8da5d1722054ca8bbcd341f65d1

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e8d4b8d5d5543b3-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 22:25:34 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2Bn5opEixOVRw%2FCyh7cQZJDQRHlwZqF4zSlyKYyeAAoNBjhxnKmGRjZadIyQkODZWLpwwA%2F5l6ZRdHw8oUvABNf757Fp2nwX%2BZxCPdMbMrpP%2BAeY2wh71yY045zRKBAN8IWXN9Y8ggPppKOLBJZ9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=11108&min_rtt=9369&rtt_var=6106&sent=7&recv=8&lost=0&retrans=0&sent_bytes=3988&recv_bytes=2319&delivery_rate=429157&cwnd=254&unsent_bytes=0&cid=097a523c796d0bd7&ts=242&x=0"
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
323 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GK0859L4L5
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
243f7f83da1100e1e25203c7caaa1dd2d407096429b6a4df5bb925b38f96adb9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 26 Nov 2024 22:25:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 22:25:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109682
x-xss-protection
0
server
Google Tag Manager
gtm.js
www.googletagmanager.com/
193 KB
70 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TMKSQPTT
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b3a4a21b50fb26de792a839b6033bdaa1a6b778bf154b4b0efa6004e246d6801
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Tue, 26 Nov 2024 22:25:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 22:25:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 26 Nov 2024 21:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
70807
x-xss-protection
0
server
Google Tag Manager
js
www.googletagmanager.com/gtag/
323 KB
107 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GK0859L4L5&l=dataLayer&cx=c&gtm=45He4bk0v9191494754za200
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TMKSQPTT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 26 Nov 2024 22:25:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 22:25:34 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
109627
x-xss-protection
0
server
Google Tag Manager
collect
www.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GK0859L4L5&gtm=45je4bk0v9191506330za200zb9191494754&_p=1732659934692&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1925977769.1732659935&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1732659934&sct=1&seg=0&dl=https%3A%2F%2Fdesawin138.cloud%2F&dt=DESAWIN138%20%7C%7C%20SITUS%20SLOT%20ONLINE%20TERBAIK%20%26%20TERPERCAYA%202024&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=806
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GK0859L4L5
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://desawin138.cloud
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
text/plain
server
Golfe2
Primary Request /
desawin138.cloud/desktop/
146 KB
22 KB
Document
General
Full URL
https://desawin138.cloud/desktop/
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
125338643834d5fc9929b0331770ff8bbb2f1a54b41efeced0c750889d8d1547

Request headers

Referer
https://desawin138.cloud/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8e8d4b91dcf843b3-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 22:25:35 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HKbVwcG4jRsdzd8SIfT7GQcUG%2BPMnPPS%2FnecKJW1Rrsi3VKngLeseQSt3wlKUHnz5UzmFv8siEGSm%2B7JJKWB9cjiEwGoJWiN2guMqtDehF0oag9meUbqYArik4%2FS%2FfIoKdlf3QsTETH5iPuHljTI"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=TCP&rtt=13507&min_rtt=9369&rtt_var=8522&sent=13&recv=12&lost=0&retrans=0&sent_bytes=6631&recv_bytes=2506&delivery_rate=554592&cwnd=258&unsent_bytes=0&cid=097a523c796d0bd7&ts=919&x=0"
vary
Accept-Encoding
PUSAT188-13-7-2024.png
i.ibb.co.com/gDv3sw1/
0
0

collect
www.google-analytics.com/g/
0
0

all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/
58 KB
11 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://desawin138.cloud
Referer
https://desawin138.cloud/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"6599bda5-28f2"
age
349709
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hsBf%2B4x%2BoXwNYPPYlzzd10wNJkxbwz7ZREOgc3avEnP3raNXpvp83Yw%2Be4PoPVEYL3aGr4cwFcU7swLUvjboWz5tOYrQ45vUB1WkmS3mS0FQRbGlD7sNw0tQXEDiWycPWUo50udiQAjj2tk8Kei6PB9W"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Sun, 16 Nov 2025 22:25:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 06 Jan 2024 21:52:53 GMT
vary
Accept-Encoding
priority
u=0,i=?0
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8e8d4b93e9fcde92-EWR
accept-ranges
bytes
access-control-allow-origin
*
content-length
10482
server
cloudflare
jquery.min.js
cdn.sitestatic.net/assets/jquery/
85 KB
31 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery.min.js
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"a09e13ee94d51c524b7e2a728c7d4039"
age
358821
expires
Wed, 26 Nov 2025 22:25:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
application/javascript
last-modified
Sat, 29 Jul 2023 05:07:12 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-amz-id-2
t3SsMgsvCMK7mR1WZF0ZHPAj1jwQPpUHGx5XxmioyZfRpUVmlCw+VXny+zfgX5o0iWpeGiIzDq+K3oV4udaPgg==
cache-control
public, max-age=31536000
x-amz-request-id
PE1ZA69CKQ51HGJ5
cf-ray
8e8d4b941cb932cc-PHL
server
cloudflare
x-amz-server-side-encryption
AES256
bootstrap.min.js
cdn.sitestatic.net/assets/bootstrap/
39 KB
12 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/bootstrap/bootstrap.min.js
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
age
376286
expires
Wed, 26 Nov 2025 22:25:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
application/javascript
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-amz-id-2
lVePP6HnnrYuqMjwFodvr9vzQltQ4jKuv1vOzJgDwEcRi43B8nODv6jFRQ7cYjwINn6oJCDHlCo=
cache-control
public, max-age=31536000
x-amz-request-id
SSCN7QRYBANYVNC9
cf-ray
8e8d4b941cbd32cc-PHL
server
cloudflare
x-amz-server-side-encryption
AES256
icomoon.woff2
desawin138.cloud/fonts/ugsports/icomoon/fonts/
22 KB
23 KB
Font
General
Full URL
https://desawin138.cloud/fonts/ugsports/icomoon/fonts/icomoon.woff2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8c098b49310c2a8c9d99ff52fd35112c31129c18b62a1d032bc5c202c9bd07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://desawin138.cloud
Referer
https://desawin138.cloud/desktop/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zgLPcHX3i4tn7%2FVUlhBnjvNznzHACL%2Fie46%2BWqetfVOznFGBY78qAJy%2FO%2FO4DT2Cr1ep7dFFSUhmUxNwuU71MGedErExA6O0BblmerV%2FW9GIxvccIJ18gDisuP32QuLFF%2B8EMBi8yN8OrFsh%2ByfG"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Dec 2024 22:25:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=28126&sent=18&recv=16&lost=0&retrans=0&sent_bytes=9830&recv_bytes=6360&delivery_rate=22695&cwnd=12000&unsent_bytes=0&cid=73584985d2d75400&ts=474&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
font/woff2
last-modified
Tue, 12 Mar 2024 01:32:32 GMT
vary
Accept-Encoding
priority
u=1,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8d4b9369fa41d3-EWR
accept-ranges
bytes
content-length
22640
server
cloudflare
swiper.css
desawin138.cloud/css/ugsports/
21 KB
4 KB
Stylesheet
General
Full URL
https://desawin138.cloud/css/ugsports/swiper.css
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
50460536deb8b30674ab0d4c4c78eab3956188a409927500cd86e08a6ef57dac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/desktop/

Response headers

server
cloudflare
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ykpHjAyiXPIYf%2F%2BGGG89ixIWfGf%2Fgaouvm0%2BnXchXiM%2BxW71BGvM%2B0BsDqml0t6AZBorEeI7OIR9HTS4vrH8GVz6q5DL%2BEduKDfXwWkk9jwww7W37or73ud0iTJf1YoOyS5gcKF0eUlWulmxd12D"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b9369fd41d3-EWR
expires
Tue, 03 Dec 2024 22:25:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22863&sent=12&recv=13&lost=0&retrans=0&sent_bytes=4235&recv_bytes=5796&delivery_rate=565&cwnd=12000&unsent_bytes=0&cid=73584985d2d75400&ts=405&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
text/css
last-modified
Tue, 12 Mar 2024 01:32:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
style4.css
desawin138.cloud/css/ugsports/theme-20/d/
351 KB
60 KB
Stylesheet
General
Full URL
https://desawin138.cloud/css/ugsports/theme-20/d/style4.css
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
667013651d0feb0de4ae132b8a11cf9d7a5af592012d8bf369d0a350204f4935

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/desktop/

Response headers

server
cloudflare
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7mRdgOMVPMvY5TK4AlxQ7jXT8DwPx25Lp%2BJC%2BUb6tdn1sgdqpuIPxEHi%2BWbfu3xEQFQ4KC1%2FczxBaO3lNzOg62OEZlglwWEwxPScQ71B2P5LTd%2B0uth%2FAyjukhfb9VQHvGP%2B1C7cZMcNPAPjOHpR"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b9369ff41d3-EWR
expires
Tue, 03 Dec 2024 22:25:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=30047&sent=38&recv=26&lost=0&retrans=0&sent_bytes=33668&recv_bytes=6790&delivery_rate=454567&cwnd=24000&unsent_bytes=0&cid=73584985d2d75400&ts=603&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
text/css
last-modified
Tue, 12 Mar 2024 01:32:26 GMT
vary
Accept-Encoding
priority
u=0,i=?0
sweet_alert2.min.js
cdn.sitestatic.net/assets/jquery/
66 KB
18 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery/sweet_alert2.min.js
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0c0de18caa00c8ea26099fb8cd50b05a"
age
376286
expires
Wed, 26 Nov 2025 22:25:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
application/javascript
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
vary
Accept-Encoding
priority
u=1,i=?0
x-amz-id-2
96NjZXIFjSBbbPY6tCJ2ZeLsvkTVSnYuGgPAgHIYtBUThGbDfmkaCUoz3r6n4OiV0YcspLvdCw8=
cache-control
public, max-age=31536000
x-amz-request-id
02KD9YRXQVHFTH0H
cf-ray
8e8d4b941cc132cc-PHL
server
cloudflare
x-amz-server-side-encryption
AES256
jquery-ui.min.css
cdn.sitestatic.net/assets/jquery/
31 KB
8 KB
Stylesheet
General
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery-ui.min.css
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"0b5729a931d113be34b6fac13bcf5b29"
age
425704
expires
Wed, 26 Nov 2025 22:25:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
text/css
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
vary
Accept-Encoding
priority
u=0,i=?0
x-amz-id-2
wTlM9zoCaIuzc3A0cL3LDo0to5kqT3im/384MesscOakbsIs3w+UVTAXfuk7xhH+OTGLqNS/7Ms=
cache-control
public, max-age=31536000
x-amz-request-id
3M7KVHK8PZPKRT43
cf-ray
8e8d4b941cb432cc-PHL
server
cloudflare
x-amz-server-side-encryption
AES256
jquery-ui.min.js
cdn.sitestatic.net/assets/jquery/
248 KB
68 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery-ui.min.js
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"c15b1008dec3c8967ea657a7bb4baaec"
age
358822
expires
Wed, 26 Nov 2025 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
application/javascript
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
2DjNTcY8Qw3vz0+g83Py3IBagbCU2+UY7PBUrWUuZGwzZlk+Xbi3sPdYYUP5HX2KOqkg+2fObOQ=
cache-control
public, max-age=31536000
x-amz-request-id
PE1VZVHBV02VGAA6
cf-ray
8e8d4b984a8732cc-PHL
server
cloudflare
x-amz-server-side-encryption
AES256
jquery.ui.touch-punch.min.js
cdn.sitestatic.net/assets/jquery/
1 KB
948 B
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery/jquery.ui.touch-punch.min.js
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"700b877cd3ade98ce6cd4be349d81a5c"
age
376288
expires
Wed, 26 Nov 2025 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
application/javascript
last-modified
Sat, 29 Jul 2023 05:07:12 GMT
vary
Accept-Encoding
priority
u=3,i=?0
x-amz-id-2
hstp0DLdMPD3Zve5HsSbHXIIF3gykgIjTRGzradidceb+anGMQ9qKpRMhRj/804aUJqiIrMByZM=
cache-control
public, max-age=31536000
x-amz-request-id
HZM36F70MVXH034Q
cf-ray
8e8d4b984a8a32cc-PHL
server
cloudflare
x-amz-server-side-encryption
AES256
FHJvycZjQi.png
imgbob.online/ib/
112 KB
113 KB
Image
General
Full URL
https://imgbob.online/ib/FHJvycZjQi.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:460e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83486ce041bf9d480fac8a50216470ba7d7d9ff189073c24211f3ce5ff8bedae
Security Headers
Name Value
X-Frame-Options allow

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZCcVKiGAiTe4GqyFVIEF9pI48pKa1go7Nsl2kuYdTlVBPLkGtMkuBZA5lTBvNVMA%2FDQg310HADmo%2BBtJoz9QGEZU1LSw84jW5ZdaRyVbSe8BfLiUstSjfxY9Fcb890zEnSZyJqMmAPrqIVr"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Dec 2024 22:25:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27614&min_rtt=23089&rtt_var=11316&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4187&recv_bytes=4389&delivery_rate=385&cwnd=12000&unsent_bytes=0&cid=70cab4d444aa902c&ts=542&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
image/png
last-modified
Tue, 19 Nov 2024 22:10:48 GMT
vary
Accept-Encoding
x-frame-options
allow
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8d4b942ff7c351-EWR
accept-ranges
bytes
content-length
114836
x-turbo-charged-by
LiteSpeed
server
cloudflare
Sub-InfoCentre.png
desawin138.cloud/assets/images/nav_imgs/
708 B
708 B
Image
General
Full URL
https://desawin138.cloud/assets/images/nav_imgs/Sub-InfoCentre.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/desktop/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sg%2Fr20nNq8P%2BUye199LCYw8hm0jZs%2FyKwnG9H45Dhm%2F60uA905Ta39Dut55LcmZB1ucsC0xEz4i4BddF2q8K2O9sz%2Fqg3lIjoCAyk2gh%2BrlgRFjB%2Fe4UGfl%2BMxHcXvHjXIzhiTwQZE6139FWe4rE"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b936a0041d3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22863&sent=16&recv=13&lost=0&retrans=0&sent_bytes=8645&recv_bytes=5796&delivery_rate=565&cwnd=12000&unsent_bytes=0&cid=73584985d2d75400&ts=409&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=2,i
Sub-ContactUs.png
desawin138.cloud/assets/images/nav_imgs/
708 B
708 B
Image
General
Full URL
https://desawin138.cloud/assets/images/nav_imgs/Sub-ContactUs.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/desktop/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y0i%2BVh3QFQPyjKoHC2We9mnutbXptUdG%2FjPbSGmGwiWoHza%2Bm6GBl9pzZmvs1Y2wJ0hn6tjFnOfm0k2IQjV270Y6N0buo7u89v12fwONZAKGyQ5TYbwtNUzuljiUTAF2wC671vjeN09eJqQNn9uA"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b94ecc141d3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26061&sent=92&recv=36&lost=0&retrans=0&sent_bytes=96887&recv_bytes=7225&delivery_rate=1093943&cwnd=45600&unsent_bytes=0&cid=73584985d2d75400&ts=643&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=2,i
ppslot.gif
files.sitestatic.net/images/
7 KB
7 KB
Image
General
Full URL
https://files.sitestatic.net/images/ppslot.gif?v=1.0
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35d71b42dfae4acf991ae4fdab8c755d27c6df617bc903cb3c611950382d26c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"e9707d3362520143c1bcc65ada2fb16f"
x-amz-version-id
NiaYyskGL3z16llXSDI6bjrZ.q3RzVic
cf-cache-status
HIT
age
348056
expires
Wed, 26 Nov 2025 22:25:35 GMT
cf-polished
origFmt=gif, origSize=14669
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
image/webp
content-disposition
inline; filename="ppslot.webp"
vary
Accept
last-modified
Mon, 29 Apr 2024 02:34:48 GMT
x-amz-id-2
spFWJY0qDNmP3L6YCKC12f2maKyo30G3amwjkxofoeHUqMolLDMlRo7O1v4e0+R4UBKIIKQokuc=
priority
u=2,i
cache-control
public, max-age=31536000
x-amz-request-id
Z5429Z07NN34ZKF6
cf-ray
8e8d4b967fb432cc-PHL
accept-ranges
bytes
content-length
6836
server
cloudflare
x-amz-server-side-encryption
AES256
pgsoft.gif
files.sitestatic.net/images/
93 KB
93 KB
Image
General
Full URL
https://files.sitestatic.net/images/pgsoft.gif?v=0.2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f9699ada286b3474d488ac0b62ff74bcbbf5112ad374f1afcd8c3e421250cd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"c6d0de57f873675ed0e905d7d2fa2c27"
x-amz-version-id
4jaQRB6Pkmqo0GeHH3ibp5QXJorqkHkX
cf-cache-status
HIT
age
323151
expires
Wed, 26 Nov 2025 22:25:35 GMT
cf-polished
origFmt=gif, origSize=558699
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
image/webp
content-disposition
inline; filename="pgsoft.webp"
vary
Accept
last-modified
Thu, 21 Sep 2023 03:53:47 GMT
x-amz-id-2
iWDfI4VZxSq4J+JR/z4fvpEpujkSztlwBpQHKkB+90fpFNf3QCbyipM8c/KIYVA+54LqtRANR0aDvJYEYThPbLuz7RkElvdZFqXUtdlva3s=
priority
u=2,i
cache-control
public, max-age=31536000
x-amz-request-id
ETK3ZVHBP4NF2439
cf-ray
8e8d4b96e87332cc-PHL
accept-ranges
bytes
content-length
95072
server
cloudflare
x-amz-server-side-encryption
AES256
hb_slot.png
files.sitestatic.net/assets/imgs/game_logos/100x70/
1016 B
1 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/hb_slot.png?v=0.2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4815cc2929b3c2763dddfaae0ad124d2c8fb30322f9ab1c0a3c05919484abe31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"e4faf8e065e2171908ac3f33e6d9072a"
x-amz-version-id
eK28Lvo2hOWSlirNTfTfxbS.mX8xXCV8
cf-cache-status
HIT
age
348056
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=3715
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="hb_slot.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:52:33 GMT
x-amz-id-2
B6uD+CkaWm7DvlEliewJtrmzlbPgsdWjmXVnnutCYIMMuFYBlVB1et67BX0+T1MFo/W5xH1H8WlMzso+0tLzED8GDeOvYvP2Q6qo1ZGU5e0=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
6WVATSYD63MHEF2M
cf-ray
8e8d4b984a8e32cc-PHL
accept-ranges
bytes
content-length
1016
server
cloudflare
x-amz-server-side-encryption
AES256
mg_slot.png
files.sitestatic.net/assets/imgs/game_logos/100x70/
2 KB
3 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/mg_slot.png?v=0.2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2a66584f338ed2a0fa21f06f5e281ebb9fb6f733f0938493d991d9e8720a1f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"b0bb4496aa894317bbf52bf1de2304e5"
x-amz-version-id
lwgXdQp8N41nhmE1IaXSIEcC9pMzfxK9
cf-cache-status
HIT
age
348056
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=5220
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="mg_slot.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:52:00 GMT
x-amz-id-2
CqSGtX/SJQTbFE7FN9UBfdoBl31yXc3rBgYYDoN2dXjwFGSLn3iOBkSOgAXz5Yl2qipWE49FSXE=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
VY5M5BJB6CW5KRPR
cf-ray
8e8d4b984a9032cc-PHL
accept-ranges
bytes
content-length
2194
server
cloudflare
x-amz-server-side-encryption
AES256
game-code-65.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/menu/mobile/home-menu-3/
10 KB
11 KB
Image
General
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/menu/mobile/home-menu-3/game-code-65.webp?v=20240521-2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:1200:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
6df7715e38249c975455d129a98e4cf872558887d07b234b15c244d84d7266ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

etag
"ade5e82ca79ada1:0"
age
52100
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
lj2lqZQh6Jc7GNaoo4Z94HFOjwJAzeuKaPdo6Tw7RBXXhuvJCwQfTA==
date
Tue, 26 Nov 2024 07:57:16 GMT
content-type
image/webp
last-modified
Tue, 30 Apr 2024 02:36:16 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 922167d169fb5d47cad92d0fd0cd14aa.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
10714
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK50-P8
server
TrillionSoft
jk_slot.png
files.sitestatic.net/assets/imgs/game_logos/100x70/
4 KB
4 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/jk_slot.png?v=0.2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d5ed0af859dcab726b80030ef799e393fca264405a9e049180935615f91c000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"325732be5164c9c1e55939125c2f487d"
x-amz-version-id
6pogx7R0cglx9OJ5uwXYv2FlWGHcM8Zj
cf-cache-status
HIT
age
327694
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=8810
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="jk_slot.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:51:53 GMT
x-amz-id-2
1PECp0iXko8hWQx3O+FKwiXtmyBC9lX8u88FRXPlGHMqG5g3s45vOrKok5D4kt8bUVh/X0HNrqY=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
14V54X0Y8XXSTM4C
cf-ray
8e8d4b984a9132cc-PHL
accept-ranges
bytes
content-length
3988
server
cloudflare
x-amz-server-side-encryption
AES256
playngo_slot.png
files.sitestatic.net/assets/imgs/game_logos/100x70/
3 KB
4 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/playngo_slot.png?v=0.2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5242c46514d1c21256372baf1eea3ef75501339645e1c35d3a67ddff8733a53

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"f3ef123ebc6944afab074f7494cd2b0d"
x-amz-version-id
aWhoRs9knw5zCuakW.fKfn7E_Ls1Viau
cf-cache-status
HIT
age
547500
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=5758
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="playngo_slot.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:52:05 GMT
x-amz-id-2
H5xhMtDFyFH/yOhz8L7NbjZ78TXSbrblglgSvkRrxTdn+v+rwiOHR3NoItFyvXa0uFCgHaQmJo87PNY7Lna36SeXuxgSWSlP06k5bqGjgq4=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
XV1DJF40Q1HYES0Z
cf-ray
8e8d4b984a9532cc-PHL
accept-ranges
bytes
content-length
3094
server
cloudflare
x-amz-server-side-encryption
AES256
game-code-29.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/menu/mobile/home-menu-3/
13 KB
14 KB
Image
General
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/menu/mobile/home-menu-3/game-code-29.webp?v=20240521-2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:1200:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
4600f1c62a383df59d3bfdc279925baf386cf20e3b04e70acd0f55d184cff3fd
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

etag
"d39be62ca79ada1:0"
age
52971
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
qDM0NeXOUoF2YZVZ0qiK3mLv4-fLx1IECMVA7_jqBlKdqjAfyV_lUA==
date
Tue, 26 Nov 2024 07:42:45 GMT
content-type
image/webp
last-modified
Tue, 30 Apr 2024 02:36:16 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 922167d169fb5d47cad92d0fd0cd14aa.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
13040
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK50-P8
server
TrillionSoft
game-code-79.webp
d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/menu/mobile/home-menu-3/
11 KB
12 KB
Image
General
Full URL
https://d2rzzcn1jnr24x.cloudfront.net/Images/nexus-beta/menu/mobile/home-menu-3/game-code-79.webp?v=20240521-2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2514:1200:c:5e6d:a440:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
TrillionSoft /
Resource Hash
0ed7af32af3dcf65e10e2123e6e78370d6e11517ef496b816683923748936227
Security Headers
Name Value
Strict-Transport-Security max-age=15552001; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

etag
"8093ea2ca79ada1:0"
age
51754
x-content-type-options
nosniff
x-cache
Hit from cloudfront
x-amz-cf-id
VaN15VTliRDYKAIifCaaYK5rLeMN_3GqwpJCWnL0WagDjA2OI7YZ9A==
date
Tue, 26 Nov 2024 08:03:02 GMT
content-type
image/webp
last-modified
Tue, 30 Apr 2024 02:36:16 GMT
strict-transport-security
max-age=15552001; includeSubDomains; preload
cache-control
max-age=31536000
via
1.1 922167d169fb5d47cad92d0fd0cd14aa.cloudfront.net (CloudFront)
accept-ranges
bytes
content-length
11664
x-xss-protection
1; mode=block
x-amz-cf-pop
JFK50-P8
server
TrillionSoft
advantplay_slot.png
files.sitestatic.net/assets/imgs/game_logos/100x70/
1 KB
2 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/advantplay_slot.png?v=0.2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d9b73a2b7a47878280ed4d3005a670b541fd37394bb7bdd0a60d999067eed9a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"e71171a4d4e3961bcfdb39a99418c293"
x-amz-version-id
bMIPNkuAq38eZEUKzLEBFZ9nNnZWFRXO
cf-cache-status
HIT
age
348056
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=4307
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="advantplay_slot.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:52:13 GMT
x-amz-id-2
ea0RFOZZIg+E7VgGr11Z1zvqfkTtsapLKAwOrpORfTRoK36SUFiT5HIk6qHc97vwt7nvm2r7a1oD9La2asqPhQ==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
YATQCSGM0Y0P9CS6
cf-ray
8e8d4b984a9b32cc-PHL
accept-ranges
bytes
content-length
1064
server
cloudflare
x-amz-server-side-encryption
AES256
cq9_slot.png
files.sitestatic.net/assets/imgs/game_logos/100x70/
4 KB
5 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/cq9_slot.png?v=0.2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc55797c4d79f179288d27b6829e57352b1f4f5b356e5aa12a82e51ed6d4a2a5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"399cbcb08124b1046f4797a7a4d896b9"
x-amz-version-id
cGLbLJZRoR_PudlH9fX66m0d2gifamIs
cf-cache-status
HIT
age
348056
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=8981
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="cq9_slot.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:52:22 GMT
x-amz-id-2
9BnIuBVordq0pvSodqbANSHXBXOLtJZ5x80O4KL2KBT0QSPAjnisxLKiwAB/a+i/xj4/fhqZas/VSFkUn5kTug==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
XPVBZ4NZNYGXRJYB
cf-ray
8e8d4b984a9e32cc-PHL
accept-ranges
bytes
content-length
4472
server
cloudflare
x-amz-server-side-encryption
AES256
evoplay_slot.png
files.sitestatic.net/assets/imgs/game_logos/200x60/
3 KB
4 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/200x60/evoplay_slot.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5bb9e7b5080650c64845001111f594d18633e265b24f1e7f3c4ae462e92288

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"979fba8c8e2fb46d0c6eb93ff90e9423"
x-amz-version-id
MVyYDxOSmRAUl03ZTGILPs8_wfpyuLaQ
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=4240
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="evoplay_slot.webp"
vary
Accept
last-modified
Tue, 02 Jan 2024 03:27:36 GMT
x-amz-id-2
u4DBQBSrr0PDVQjJ/WbsKnpFFE/TP1eTO6D0vi3+k08qtLG/Bn+7fB4qTNQJRuz32GSOn+erCQ0=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
4YR2ZQ2HM4EDJ65P
cf-ray
8e8d4b984aa032cc-PHL
accept-ranges
bytes
content-length
3250
server
cloudflare
x-amz-server-side-encryption
AES256
afc.webp
images.linkcdn.cloud/global/navbar/casino/
3 KB
4 KB
Image
General
Full URL
https://images.linkcdn.cloud/global/navbar/casino/afc.webp
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:9ac7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63d393565f8eec52c9f8cfa7fd9475787519c1ecaf4e92ab2092129873756d28

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cache-control
public, max-age=31536000
cf-cache-status
HIT
etag
"b5aef6b1a59d15fe33a0046add539770"
age
2487510
cf-ray
8e8d4b99188142a9-EWR
expires
Wed, 26 Nov 2025 22:25:36 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
3452
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
last-modified
Mon, 23 May 2022 04:02:39 GMT
vary
Accept-Encoding
server
cloudflare
casino_pp.jpg
files.sitestatic.net/GameImage/CasinoProviders/mobile/normal/
7 KB
8 KB
Image
General
Full URL
https://files.sitestatic.net/GameImage/CasinoProviders/mobile/normal/casino_pp.jpg?v=16.2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b319d675dbc16c28d1ebe16c92b4a4db931746cc9e07c1da60b155c47aca640

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"9b963271fa6e6dfc3d155e77673dd954"
x-amz-version-id
5E00EADr.SlS.hOmoTzzwSCdekwCYdTS
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=10467
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
x-amz-meta-sha256
7de5873abed728233ef06ee2605e50e72aa2fb3fea8bcf77847f704c2b43e2f1
vary
Accept
content-disposition
inline; filename="casino_pp.webp"
x-amz-id-2
k0K9WSspSEs+aKZPfKZTUSCHfxgfDNunJ6YYgzveQZnAAoKTEejgwcPU8WozZMS3k45j+BnIf9oV3Mo0GTUjhQ==
last-modified
Fri, 05 Nov 2021 04:23:38 GMT
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-meta-s3b-last-modified
20211105T034814Z
x-amz-request-id
22VXVRBG2FT5WP0R
cf-ray
8e8d4b984aa232cc-PHL
accept-ranges
bytes
content-length
7368
server
cloudflare
x-amz-server-side-encryption
AES256
casino_evo.jpg
files.sitestatic.net/GameImage/CasinoProviders/mobile/normal/
7 KB
7 KB
Image
General
Full URL
https://files.sitestatic.net/GameImage/CasinoProviders/mobile/normal/casino_evo.jpg?v=11
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5cf4da502cde94bcb1a12eb385da78c6b8c4dfc262f15a9ecd0193b0d7a931

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"e3acf52a413fe2faa573dafbd95d34d0"
x-amz-version-id
null
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=16485
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
x-amz-meta-sha256
1bce13a78ce948240779c9bca746657317318b2d1324b35f6e6fd65380e8cd72
vary
Accept
content-disposition
inline; filename="casino_evo.webp"
x-amz-id-2
QrytuxYA2240pJOk/pe93DAoJDkESUp8tfRUbcNqjRPmSSBcxvV2N1UsBmqZShcta3QchDNwC0ZRb/bzo+Rz0A==
last-modified
Tue, 16 Mar 2021 09:50:36 GMT
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-meta-s3b-last-modified
20200530T175110Z
x-amz-request-id
RPYE9ZVNWS9WWGR2
cf-ray
8e8d4b984aa532cc-PHL
accept-ranges
bytes
content-length
7034
server
cloudflare
x-amz-server-side-encryption
AES256
ezugi_casino.png
files.sitestatic.net/GameImage/CasinoProviders/mobile/normal/
13 KB
14 KB
Image
General
Full URL
https://files.sitestatic.net/GameImage/CasinoProviders/mobile/normal/ezugi_casino.png?v=1
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
29691b2d3982eae1a57793938c1d2a3d382331ac4f1d8f35bd38ea268525c86b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"cbf0be4f27749ea3a447fefa576f3647"
x-amz-version-id
EjciG.YByoEwxDvDxLi2SAEe2qFWk677
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origSize=14964, status=webp_bigger
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/png
last-modified
Wed, 05 Oct 2022 04:40:44 GMT
x-amz-meta-sha256
c75de652d1dd5aea16e97f2ce49383e579e9aeea3ff47b86d2bcbe7317552cb4
priority
u=3,i
x-amz-id-2
2iAs4NaxMxPtCfCn4+IU5i17skDce/84gOa3SjC+wtZeTBeALPv3Rh6xPVOg9gyAHUvv4FY1Die4oydCtBpJnA==
vary
Accept-Encoding
cache-control
public, max-age=31536000
x-amz-meta-s3b-last-modified
20221004T230512Z
x-amz-request-id
KNY057JGM7FXZ7E4
cf-ray
8e8d4b984aa632cc-PHL
accept-ranges
bytes
content-length
13270
server
cloudflare
x-amz-server-side-encryption
AES256
image.png
i.ibb.co/PzMFbCW/
572 KB
573 KB
Image
General
Full URL
https://i.ibb.co/PzMFbCW/image.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.85.95 , United States, ASN26548 (PUREVOLTAGE-INC, US),
Reverse DNS
Software
nginx /
Resource Hash
8105cf9f2bdccdf8dafd1245d0ac1db3d299fd632ccd58ee9186f8fab323cda8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cache-control
max-age=315360000, public
access-control-allow-methods
GET, OPTIONS
expires
Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges
bytes
access-control-allow-origin
*
content-length
586108
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/png
last-modified
Wed, 03 Apr 2024 19:48:10 GMT
server
nginx
12003_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/12003/
31 KB
32 KB
Image
General
Full URL
https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/12003/12003_en.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.177.217 Ashburn, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
42ce8ccbd066b6afe408aaedd24368906bbae1ecd510c583af6b8ba2735e2e3c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

x-ws-request-id
67464ae1_shb221_11228-22968
x-via
1.1 anxun11:15 (Cdn Cache Server V2.0), 1.1 PS-DFW-04b7M139:6 (Cdn Cache Server V2.0), 1.1 shb221:4 (Cdn Cache Server V2.0)
etag
"66b175b3-7c16"
age
1
access-control-allow-methods
GET, POST, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
content-length
31766
date
Tue, 26 Nov 2024 22:25:37 GMT
content-type
image/png
last-modified
Tue, 06 Aug 2024 01:00:35 GMT
server
nginx
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
12002_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/12002/
34 KB
35 KB
Image
General
Full URL
https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/12002/12002_en.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.177.217 Ashburn, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
923db1fa199b914c4e69eeff7e3840d0c2dca9e6882ff36be15f92aea31543e9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

x-ws-request-id
67464ae1_shb221_11228-22969
x-via
1.1 PSxgHK6wy101:1 (Cdn Cache Server V2.0), 1.1 PS-DFW-04b7M139:18 (Cdn Cache Server V2.0), 1.1 shb221:8 (Cdn Cache Server V2.0)
etag
"66b175b3-8843"
age
1
access-control-allow-methods
GET, POST, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
content-length
34883
date
Tue, 26 Nov 2024 22:25:37 GMT
content-type
image/png
last-modified
Tue, 06 Aug 2024 01:00:35 GMT
server
nginx
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
12001_en.png
dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/12001/
35 KB
35 KB
Image
General
Full URL
https://dlntdk2it99.anhuidingyue.com/jdb-assetsv3/games/12001/12001_en.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
157.185.177.217 Ashburn, United States, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
bf5fc8dc0df8d6639db803f043f6264e714110111046b0309d3aa85e2a7f7d23

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

x-ws-request-id
67464ae1_shb221_11228-22967
x-via
1.1 PSxgHK6wy101:1 (Cdn Cache Server V2.0), 1.1 PS-DFW-04ahg140:9 (Cdn Cache Server V2.0), 1.1 hb100:2 (Cdn Cache Server V2.0)
etag
"66b175b3-8a4e"
age
1
access-control-allow-methods
GET, POST, OPTIONS
accept-ranges
bytes
access-control-allow-origin
*
content-length
35406
date
Tue, 26 Nov 2024 22:25:37 GMT
content-type
image/png
last-modified
Tue, 06 Aug 2024 01:00:35 GMT
server
nginx
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,BB,BB-Forwarded,UB,Authorization,Edge-Cache-Tag
jili_rng.png
files.sitestatic.net/assets/imgs/game_logos/100x70/
4 KB
4 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/jili_rng.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9770606736a01931ba00be4edea80dea044dcd6b82cd7af5727e383416ed6b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"edf74e4aa8f0162084ea357489c3abb6"
x-amz-version-id
2qOpat5.XwOUyd6.QAwWu64CU2_iPukv
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=6755
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="jili_rng.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:51:51 GMT
x-amz-id-2
JbSbzUKRjkjTsKdix81186SYSx3nqzsuixgpbN322eAceO1bhM7wKFCSkV9lX1qPTUKhCL7+rRc=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
1R177PXHH3WXRA4A
cf-ray
8e8d4b984aa932cc-PHL
accept-ranges
bytes
content-length
3638
server
cloudflare
x-amz-server-side-encryption
AES256
bola_blind_1.png
files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/
7 KB
8 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/bola_blind_1.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7779905b7dceed7387e7fa0a6b4e11792a6af18805f4992be5579e8d19e5d5b6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"0cc1715b9cd5c95934375a61a5af9f62"
x-amz-version-id
kE1jn8oeYGrMWgkpNnCa1hAf.0OIjaPy
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=11602
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="bola_blind_1.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:25:20 GMT
x-amz-id-2
OFV4lOcmr5bm9iircTased/9yZXHdBgoK7MT5FoAsGEyYz/Y+ojwFmcFMaHdj33d/B4XpsUmnrfT5eZ5LZZOhQ==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
X31AEP0E4BZZBB2S
cf-ray
8e8d4b984aaa32cc-PHL
accept-ranges
bytes
content-length
7180
server
cloudflare
x-amz-server-side-encryption
AES256
classic_bola_blind_1.png
files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/
9 KB
10 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/classic_bola_blind_1.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
904388ad52f3bec71e78a0bd3fc6fd9c9e9aab3e9e7bd117bae3e0884dd10b99

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"40257c9bfaa0d46d2e449856c966c299"
x-amz-version-id
mfwuEtGR5LsCqNsZF1uJT5mLeJfLY6uf
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=13960
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="classic_bola_blind_1.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:25:19 GMT
x-amz-id-2
R1sEIm/Xm/hmRBeR9P8pPjgIpefk0J7JOUMpn7eZPmr586c79v47nVJ1olsN0YpCUucbrHqjygvHhI4wdL3myw==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
X3139HCMTTY3Y7DB
cf-ray
8e8d4b984aad32cc-PHL
accept-ranges
bytes
content-length
9476
server
cloudflare
x-amz-server-side-encryption
AES256
keno_1.png
files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/
9 KB
10 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/keno_1.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
879dbffc2a87e1ff6c8041f8fe28c31980eda407c2630a2a4aa954735f1d8311

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"e0a3f3723b85da5085d832670666119f"
x-amz-version-id
pyiePoe6I2IcdvnA_sCqe1dv4TjdwYJj
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=12837
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="keno_1.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:25:13 GMT
x-amz-id-2
EFi3Bwb/V1FRQCSWxo7S3lqxrmwfyiqaPNTlB8CFz7N0oiUMmUhjEmDMPkTL71MVAkDMck8DNOOcHcGrooElmKkuUc/n+i7i4ya/PcpUWrI=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
6FY8C405JKNSZZ5Y
cf-ray
8e8d4b984ab132cc-PHL
accept-ranges
bytes
content-length
9702
server
cloudflare
x-amz-server-side-encryption
AES256
keno_2.png
files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/
8 KB
9 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/keno_2.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6da658a4859bd3484401cd58126920dffc8a65160f0862787b4aed92252e1bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"bba2ca9bcae65f9d7a89ca0b76859698"
x-amz-version-id
rnlM3L4e4YnlKeFczDf2MdgQZCqqmsc2
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=12500
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="keno_2.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:25:17 GMT
x-amz-id-2
222BvEnGvMwisf22QndX+RFth6c1+gk9GRLnraYFSDVkj4Uu0PSyqgc8hJ/s4cnHJAvp6FmdjDg=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
FAVTH0D9HBAKJE7X
cf-ray
8e8d4b984ab332cc-PHL
accept-ranges
bytes
content-length
8492
server
cloudflare
x-amz-server-side-encryption
AES256
keno_3.png
files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/
10 KB
10 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/keno_3.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce6fe2ffa78a1d184186d631b7e06e1635f764be4ad183416745c7bffe5237c0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"cba5aadecdff512631520002f5133e9f"
x-amz-version-id
HG3Bpv2mgbwxB1WR68w9qT0AdVDoBVhp
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=14229
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="keno_3.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:25:16 GMT
x-amz-id-2
U1+seV7aIHyl1fEi19VBAo3xSvFWA4keMTSJfETaUBaeOB3kK6Xy37iRl6feFr9+n9dsYYmaE8kQ59pleDT6hg==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
FNSXHWQ4RN77C5MQ
cf-ray
8e8d4b984ab532cc-PHL
accept-ranges
bytes
content-length
10228
server
cloudflare
x-amz-server-side-encryption
AES256
poker_1.png
files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/
8 KB
8 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/poker_1.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0220636861c0a5e37169e4659aecf6eee22b28deb239ec9f668ad6885a129fab

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"55a3018482b77a0760473c8529cc41ac"
x-amz-version-id
tDDOw3map1sbxlYu3hnqHFBWVO4FT0gp
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=11447
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="poker_1.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:25:14 GMT
x-amz-id-2
FoaTfBWNOHNu7X3v/Z4yCTejz6IHUIzsDTMonurrSxb6iM6PxO17zCiLx8on9OAxnt9e0YAVPXg70GTQSfOfoUEp26bg6+CSvvYRFjbsP0A=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
X0Y8S2Q95MBMGQA6
cf-ray
8e8d4b984ab732cc-PHL
accept-ranges
bytes
content-length
8168
server
cloudflare
x-amz-server-side-encryption
AES256
baccarat_1.png
files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/
7 KB
7 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/ug_rng/baccarat_1.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3a722f264e9a2400e1cfa1e4be02978a8f8688da3a9c197bce65e9c0c8164be2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"874eb8cf1e13bcb42da2721e631997a4"
x-amz-version-id
R20.caE7xXIQgdkdlRCMGkcBfSIxnI.x
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=10596
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="baccarat_1.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:25:22 GMT
x-amz-id-2
Cb9SDYwTPojsRYmJvK2RNJeGa410rPECeqWudcXZEbt+EaUj9yMERiqhjQmjPt2Znd7yALA8dsuqUD/TCjYyQg==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
53F2EEKQS2VKJMX8
cf-ray
8e8d4b984ab932cc-PHL
accept-ranges
bytes
content-length
7128
server
cloudflare
x-amz-server-side-encryption
AES256
bca.png
files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/
8 KB
9 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/bca.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2dcbd99068ac3a5f6b4d8f0b1f54c60cd0f21018a5f1881792f6f338f31e7a6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"32c4bec9b51cc3d5559d3a91fc70b08f"
x-amz-version-id
e8LY2heNteLsMwVY55ltDdAaOqwtb2t2
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=13151
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="bca.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:23:29 GMT
x-amz-id-2
UMuaqCRQHPS607pY+82fma2QFinIm085DKJym6f5Pn00rbI1tLtDqsb55F/dXREJaa7/gbOvZ+eIKSIVTgx7zA==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
QGY8WJN8YQCSTXJM
cf-ray
8e8d4b984aba32cc-PHL
accept-ranges
bytes
content-length
8452
server
cloudflare
x-amz-server-side-encryption
AES256
bjma.png
files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/
6 KB
7 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/bjma.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56b6b226812ad5c4cba8e6759e21fcc86c65406a4a948bda7b358fe99d4e9b20

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"c8a76e6d1665b71b4a158c8c7f51dcbf"
x-amz-version-id
BDx3LY4fYLI21tILDyRrYcB7U3qcGsr2
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=11140
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="bjma.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:23:28 GMT
x-amz-id-2
f27b2sj7apDAAxv4xDEPg3AuI5IMR8tmernspCmdRCKi/FjYjsLHVyt/8DhBf/BhruZFCYsUes8=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
1R13W5Y8J8QFT6B5
cf-ray
8e8d4b984abc32cc-PHL
accept-ranges
bytes
content-length
6654
server
cloudflare
x-amz-server-side-encryption
AES256
bndt.png
files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/
13 KB
14 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/bndt.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24abd522ba395bda6ff02fa324fb5e0f92f9629b25089943427ad5fbeee4a98b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"682eb071db2a0f38997583757e1aedee"
x-amz-version-id
oJMciXCYTvv7WK8phVAoWCWtEmUKELut
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=17279
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="bndt.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:23:27 GMT
x-amz-id-2
sg47w5K8vJIC3P27sKZ8E4tyJ/O18x8GFdzJ4NqGCj0k3uiUeWRkMVH2EyUggJuM3FnF7xM6tUVMMD7+zPJL7A==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
D2YHPRBWCQ77Z1HX
cf-ray
8e8d4b984ac032cc-PHL
accept-ranges
bytes
content-length
13362
server
cloudflare
x-amz-server-side-encryption
AES256
bnadvanced.png
files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/
7 KB
8 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/bnadvanced.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f97a65aed5a9842a9b0a66d7e79b1268efd441e9b17498edce22b57c4dac3dae

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"3eebd755be2da5d6d5b90f4c85f4f01d"
x-amz-version-id
VIMu70mb3rW5VC8szt4pq8TBb4VNWDz1
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=11724
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="bnadvanced.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:23:27 GMT
x-amz-id-2
NxO8Oy+xGf1jmj6/tS8M7aQBw3SI6/xNE7k+n/7oDZmg9TWcpiUQlrcqnyNeSMklvp4A0oMyb7wiOfDvVrm9EA==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
X1R9GV2XYG1DN60H
cf-ray
8e8d4b984ac132cc-PHL
accept-ranges
bytes
content-length
7424
server
cloudflare
x-amz-server-side-encryption
AES256
rla.png
files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/
10 KB
10 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/rla.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb6fbf675fbcfcfbfd5d06832030ccd3a3ca7ddd2222167026b605bf0b352966

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"dad026bd9a0462f333acd74c8dab74d5"
x-amz-version-id
xwzXPdd3HthgmDT9lN5Ds673iw.uVchZ
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=13600
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="rla.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:23:27 GMT
x-amz-id-2
YKakmescawgraTDQZvWIZZru16HWOHjzkVST1s9+9YStKsaD8Quq9mGsE0gep7/IC6GfuGuwFTk=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
6RDPT9XJPV4M3VY1
cf-ray
8e8d4b984ac732cc-PHL
accept-ranges
bytes
content-length
9732
server
cloudflare
x-amz-server-side-encryption
AES256
bjmb.png
files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/
10 KB
10 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/bjmb.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e036533145eb3eae246bb09b595175131acbf5b46495bd56a716f470bf7977ef

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"6cc53974e87030f0bc0a6d3753c3041b"
x-amz-version-id
da9ZpramOHhF2n71P2yyhuogrYRMfiZr
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=13979
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="bjmb.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:23:28 GMT
x-amz-id-2
4s7s6h9m8RyBp8YvPSWXbLk6D/diT0HVzWB0SUJ5zyCJ9Bgb0gFc09YwXTsUuiopA26sAroYDNE=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
KA6RMJAYHG4E0HED
cf-ray
8e8d4b984aca32cc-PHL
accept-ranges
bytes
content-length
9962
server
cloudflare
x-amz-server-side-encryption
AES256
1302.png
files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/
9 KB
10 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/1302.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e48cde19e8714cd04e1d98092ba953e951b67195d5cafa244e9e73af4aacb2d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"37fdfb8625501b2fe8f26ab4f48911fe"
x-amz-version-id
ogyN9TrcY7_LCnKEM7F34KE7MWgT_FWC
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=13662
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="1302.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:23:26 GMT
x-amz-id-2
MzqHEkC0pUgq0BZt2DfSisnYzul35Fv6Ka88Ri5CUZLYFR5KhQHNs3awl6YukrCZ/iGoVek/7GphMU8zwAXEkg==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
GEQ8TPST280A5CQY
cf-ray
8e8d4b984ace32cc-PHL
accept-ranges
bytes
content-length
9594
server
cloudflare
x-amz-server-side-encryption
AES256
1320.png
files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/
9 KB
9 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/pp_rng/1320.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aca8521f26fd98c79f0b58b736ba42d04378b4b435eb111ec562fca4aff1982

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"8ac2973a5e066bb043e916214e2191f8"
x-amz-version-id
1iEHVxhf_9KAn7O48IiscIQhPqK5XDkp
cf-cache-status
HIT
age
103589
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=13923
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="1320.webp"
vary
Accept
last-modified
Wed, 04 Oct 2023 06:44:00 GMT
x-amz-id-2
1MM+03GKdiZcbhZA49EOVNetmWf62uV4bMEiJMZ7LDIGo5HAr9LrK1yO7ryAvic0bwF/b5Dp6mZM/EeAR3gjXHdoBdIkJlv9+GBX2GUmfds=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
3WETYCRFQC4JFGND
cf-ray
8e8d4b984ad132cc-PHL
accept-ranges
bytes
content-length
9196
server
cloudflare
x-amz-server-side-encryption
AES256
.png
files.sitestatic.net/assets/imgs/game_logos/100x70/
0
0

sv388_cf.png
files.sitestatic.net/assets/imgs/game_logos/100x70/
11 KB
12 KB
Image
General
Full URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/sv388_cf.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
246afb5060faec70f274c3daacd8ec82e695abceb0920f6c9d90ab1d24e7da09

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"9599f0a33c57994526d8cab3f4c35467"
x-amz-version-id
S5A0LbKrYbzJA8wgZJYTmi8YagyuMygv
cf-cache-status
HIT
age
153435
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=16785
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="sv388_cf.webp"
vary
Accept
last-modified
Tue, 12 Sep 2023 04:51:42 GMT
x-amz-id-2
QUzmvWKfEG4OwT2mVwhkV8SG5MSn09tVWwLXvVWHYqw9jKt4qdENkFGhKjg8634ck6WavFBIUVOaNR8qpMECsA==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
53F303QXJ667GGNA
cf-ray
8e8d4b984ad832cc-PHL
accept-ranges
bytes
content-length
11476
server
cloudflare
x-amz-server-side-encryption
AES256
e1Zc2NN79D.png
imgbob.online/ib/
107 KB
108 KB
Image
General
Full URL
https://imgbob.online/ib/e1Zc2NN79D.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:460e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4624df2d64ea46381ae6c5122051daffe45ad7dc9618ead5ff8afe44a7aef4d4
Security Headers
Name Value
X-Frame-Options allow

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HDcf6MmgdICy%2BGFIcgye%2B%2BIsZz8u%2BW80YrxSVxn1Vbp2YX%2F8bCAlfPJQ%2Bumm5KqgcYggrabopw96dhKJJMQrmNbODr%2FDnQlZTkru2hY27kGeDfxIjpez8DhMT%2FReEK%2B1nh5iAmYxCV%2B1auaL"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Dec 2024 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=32750&min_rtt=22090&rtt_var=4861&sent=291&recv=77&lost=2&retrans=1&sent_bytes=332127&recv_bytes=9113&delivery_rate=2133131&cwnd=160800&unsent_bytes=0&cid=70cab4d444aa902c&ts=1145&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/png
last-modified
Tue, 19 Nov 2024 22:14:19 GMT
vary
Accept-Encoding
x-frame-options
allow
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8d4b985ca5c351-EWR
accept-ranges
bytes
content-length
109773
x-turbo-charged-by
LiteSpeed
server
cloudflare
k7SyBRKgQQ.jpg
imgbob.online/ib/
62 KB
63 KB
Image
General
Full URL
https://imgbob.online/ib/k7SyBRKgQQ.jpg
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:460e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fba978ef428e748f58f0dafe4763921ed75a74a1dd7341995f47bf437f1dced
Security Headers
Name Value
X-Frame-Options allow

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zWHD%2BRWGbcMR%2Bpvvf51tERtaXKIAcmH4%2BwV1gy9n67oMSAL5BtljKV43IYKLOCf3qnl44WpBx58zhGlycQTW8ngFgeW4sLCB3T14NLYbv2jlK%2FdB7G2jcxGF5xbPRY0xQE2q72hkOYZCdads"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Dec 2024 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33997&min_rtt=22090&rtt_var=15044&sent=168&recv=64&lost=0&retrans=1&sent_bytes=186030&recv_bytes=8518&delivery_rate=903839&cwnd=62400&unsent_bytes=0&cid=70cab4d444aa902c&ts=1090&x=1", cfHdrFlush;dur=16
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 22:16:20 GMT
vary
Accept-Encoding
x-frame-options
allow
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8d4b985cabc351-EWR
accept-ranges
bytes
content-length
63879
x-turbo-charged-by
LiteSpeed
server
cloudflare
LBcWALOng1.png
imgbob.online/ib/
99 KB
100 KB
Image
General
Full URL
https://imgbob.online/ib/LBcWALOng1.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:460e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a6596f34ecb155199502407de42ff86995e8af89bed99d3351d5f3f51948e1d
Security Headers
Name Value
X-Frame-Options allow

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=77GwOOxqeXr%2FcqzCJzQJxHyw2jlBNJf90c4ySacsrzjkyBIbgYrovO1UkvesQWQfSxANVvPCAAZ%2BNBQJHW1ziesNZ%2BgJdTaEA15tvKjvZdHSYNRnQm5Rv0IF%2BYyF99rsu3LfCdos9%2BvSyhZH"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Dec 2024 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=36340&min_rtt=22090&rtt_var=5921&sent=377&recv=81&lost=2&retrans=1&sent_bytes=433868&recv_bytes=9293&delivery_rate=2436861&cwnd=172200&unsent_bytes=0&cid=70cab4d444aa902c&ts=1155&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/png
last-modified
Tue, 19 Nov 2024 22:17:11 GMT
vary
Accept-Encoding
x-frame-options
allow
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8d4b985cadc351-EWR
accept-ranges
bytes
content-length
101514
x-turbo-charged-by
LiteSpeed
server
cloudflare
f8z0efAnDv.jpg
imgbob.online/ib/
77 KB
78 KB
Image
General
Full URL
https://imgbob.online/ib/f8z0efAnDv.jpg
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:460e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
387078d3835a2c341e0016c1a43ff240b177cb6ec33453954aa21b01f32d85f9
Security Headers
Name Value
X-Frame-Options allow

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JdQrderT39Vs17nBxcxJANYan%2FgBCRhS8JsFHplDwB3Yfke9OrLV7crM8l%2F7iB4UTFcFiU0MnElRMxaKRtvNR5X5xNc%2F26LVXgSqo1%2BLYaOlYG9f%2FBgitnPoe6A8tPnMa9F2omd0ucjdVLkJ"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Dec 2024 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33997&min_rtt=22090&rtt_var=15044&sent=166&recv=64&lost=0&retrans=1&sent_bytes=184646&recv_bytes=8518&delivery_rate=903839&cwnd=62400&unsent_bytes=0&cid=70cab4d444aa902c&ts=1085&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 22:18:10 GMT
vary
Accept-Encoding
x-frame-options
allow
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8d4b985cb0c351-EWR
accept-ranges
bytes
content-length
78949
x-turbo-charged-by
LiteSpeed
server
cloudflare
Q38tn7K4y6.jpg
imgbob.online/ib/
58 KB
58 KB
Image
General
Full URL
https://imgbob.online/ib/Q38tn7K4y6.jpg
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:460e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
453be7032b1423fdb0a2be56427cec4ea42d224e8798b2c4f7bb6629955b9a76
Security Headers
Name Value
X-Frame-Options allow

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZNS2BjGLX0jbi2Caj2C7YxnhfIg59OwkS8n99MKhgm6sM9Z%2Bzzimy0cNUR5Bk8Lfa3NRJbhsFinNGWwhVb55rTUrrZ2DxwJyzhRqAYKnYJnCPp1wOKx8x0MNyskWM%2BLw3J%2BITlLpW4%2FeW3%2Fw"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Dec 2024 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=33997&min_rtt=22090&rtt_var=15044&sent=115&recv=64&lost=0&retrans=1&sent_bytes=123630&recv_bytes=8518&delivery_rate=903839&cwnd=62400&unsent_bytes=0&cid=70cab4d444aa902c&ts=1082&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/jpeg
last-modified
Tue, 19 Nov 2024 22:19:29 GMT
vary
Accept-Encoding
x-frame-options
allow
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8d4b985cb3c351-EWR
accept-ranges
bytes
content-length
59006
x-turbo-charged-by
LiteSpeed
server
cloudflare
new_ug_progressive_jackpot.png
files.sitestatic.net/progressive_img/
14 KB
15 KB
Image
General
Full URL
https://files.sitestatic.net/progressive_img/new_ug_progressive_jackpot.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a2d2d0247eec8f1fbdff48ff1a6e09ea06b149c4ba52b7b31e3a7f8fc1399d3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"5bfa3474d5bd3d583aba7dc4f5a5fcbf"
x-amz-version-id
LZFQSFlCbwOQQk0gfeksjBOwo29WVBJn
cf-cache-status
HIT
age
554406
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=16217
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
x-amz-meta-sha256
3e33a0522e8f2856f559d4f117c6db4cc4a557334b166a9181d121153f1696d5
vary
Accept
content-disposition
inline; filename="new_ug_progressive_jackpot.webp"
x-amz-id-2
Nhe3VAUJF03yHM3uRZE5IXid0rQlHTaB4whC2Xu7IXyRsm6V/G7dLwTqrfnSsaopd/khEZDgRaH+QX0vPYi2LUyOhABoNkkJU9Oe/ostkCE=
last-modified
Wed, 08 Sep 2021 07:29:35 GMT
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-meta-s3b-last-modified
20210908T071856Z
x-amz-request-id
S154PWV0WQ33QHGX
cf-ray
8e8d4b984ada32cc-PHL
accept-ranges
bytes
content-length
14374
server
cloudflare
x-amz-server-side-encryption
AES256
Gates_Of_Olympus.png
files.sitestatic.net/hot_games_img/mobile/normal/
6 KB
7 KB
Image
General
Full URL
https://files.sitestatic.net/hot_games_img/mobile/normal/Gates_Of_Olympus.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
289403a08e62b519f228059d9e23403a31ef2aafc5f0ae8c28ac50f70a39f8c9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"47f76e4c99ef9e0d6a48c462eff94999"
x-amz-version-id
aLQncjmsLHVgW2kCf2BTqW6VIihsrMS9
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origSize=6936, status=webp_bigger
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/png
last-modified
Tue, 07 Nov 2023 13:38:04 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
NenviNmZacqVvy/Rht5F40rTZp2mJ1O5xvDNDdSjkdz81bOJPvXOpLoCM8fzk+eYnj8m2W5DWlwyGycSdpv8H8i59DPIpTpNYY1s4SdkYN0=
cache-control
public, max-age=31536000
x-amz-request-id
F5VWWTGASX1B0M0D
cf-ray
8e8d4b984adc32cc-PHL
accept-ranges
bytes
content-length
6350
server
cloudflare
x-amz-server-side-encryption
AES256
Starlight_Princess.png
files.sitestatic.net/hot_games_img/mobile/normal/
6 KB
6 KB
Image
General
Full URL
https://files.sitestatic.net/hot_games_img/mobile/normal/Starlight_Princess.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
652dca9cf48a53412b2f84436879861472ab3a2c05e71d676a278ae733e2b673

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"1fcf101ade12f3e2a4f9d70fbdcbd7d4"
x-amz-version-id
_PDtZ4jOweWqGpPVwb6loK3oL2I0ylwJ
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origSize=6170, status=webp_bigger
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/png
last-modified
Tue, 07 Nov 2023 13:38:14 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
rE5Bx+gf6UEN/72nVmVH15xJm9rG2vLF/ISeW/kEdBwXErEfnLkScMqEwr74s6j/za1ovf0rApg=
cache-control
public, max-age=31536000
x-amz-request-id
KVHPTPR9E8WHRP9R
cf-ray
8e8d4b984ade32cc-PHL
accept-ranges
bytes
content-length
5696
server
cloudflare
x-amz-server-side-encryption
AES256
Starlight_Princess_1000.png
files.sitestatic.net/hot_games_img/mobile/normal/
6 KB
6 KB
Image
General
Full URL
https://files.sitestatic.net/hot_games_img/mobile/normal/Starlight_Princess_1000.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57632fbc80ecc23b32c34cf9cdf30485be22da2408dc632cd5bb967032942218

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"31f9ca101f54d4ff5b7720661d421fff"
x-amz-version-id
9N9lkHcPp1FeV12zQlvjmUnP7E0YdqFo
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origSize=6456, status=webp_bigger
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/png
last-modified
Tue, 07 Nov 2023 13:38:15 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
sytTQ6RjfFHKds6I5W0uQ0fKqZMZgggLtC4RjSvpUyV8KK+XTs/zoWEtvuHaBLJz18PUnLerXaM=
cache-control
public, max-age=31536000
x-amz-request-id
1A7HEJCX9TEZ4ZZ4
cf-ray
8e8d4b984ae132cc-PHL
accept-ranges
bytes
content-length
5737
server
cloudflare
x-amz-server-side-encryption
AES256
Sweet_Bonanza.png
files.sitestatic.net/hot_games_img/mobile/normal/
6 KB
6 KB
Image
General
Full URL
https://files.sitestatic.net/hot_games_img/mobile/normal/Sweet_Bonanza.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a2228df8642649b392e819fe7f6fa20c313c8249c608d6164d0ae56c38d950e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"df1d18bd2fe0b79d68a97d1cef4a311d"
x-amz-version-id
ZKAptl1fMmz72ikW_iLYxsrVPy9RB66I
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=5851
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="Sweet_Bonanza.webp"
vary
Accept
last-modified
Tue, 07 Nov 2023 13:38:17 GMT
x-amz-id-2
gJvrzUx4i4mdHZ2MjZdz/G2g1cK3hWFUzq5GG8wQI1KQc05IbzAlSRQq74DhV6NUA82ltUn579RXzi+ua8TT2g==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
RVPFBB2SQ3XK44F8
cf-ray
8e8d4b984ae232cc-PHL
accept-ranges
bytes
content-length
5714
server
cloudflare
x-amz-server-side-encryption
AES256
Twilight_Princess.png
files.sitestatic.net/hot_games_img/mobile/normal/
5 KB
6 KB
Image
General
Full URL
https://files.sitestatic.net/hot_games_img/mobile/normal/Twilight_Princess.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b323929cb0e7d962f9a2f7eee5046351455b694aa9ae0ac55bd0ca21d83908a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"4f99f14ce0e1b83725d454ade0ac3296"
x-amz-version-id
e8fY8ILskruZtRVjPUOBGZBQDx515wAh
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=5937
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="Twilight_Princess.webp"
vary
Accept
last-modified
Tue, 07 Nov 2023 13:38:19 GMT
x-amz-id-2
euHAYRJihOJ88kQjD9mFQESeVeN13OpsxPCdqMh4cmesNZwiCuJe3xEffAWnMGqV5XG2wEuEwbKlkAUw8HEA8Q==
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
AR2E0HZ3FR5BZHTM
cf-ray
8e8d4b984ae332cc-PHL
accept-ranges
bytes
content-length
5582
server
cloudflare
x-amz-server-side-encryption
AES256
Mahjong_Ways_Two.png
files.sitestatic.net/hot_games_img/mobile/normal/
6 KB
7 KB
Image
General
Full URL
https://files.sitestatic.net/hot_games_img/mobile/normal/Mahjong_Ways_Two.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e75ca1e2781289d36236220a50b047dd0283d54ade57d9977182675d2ee07283

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"44a0b2c84c1899ce56c2139fe2711add"
x-amz-version-id
SSmGhk03o5h3MyG_clxoxHVV0zDHacTI
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=6607
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="Mahjong_Ways_Two.webp"
vary
Accept
last-modified
Tue, 07 Nov 2023 13:38:10 GMT
x-amz-id-2
9PsaWoPIexehd+0Lu0NENBuhqHQAS0Vw6C9NcrvRKaNlBpj0EsIWCW4tYKvvTmA8QYQWaYuSy3E=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
MA1HRV2GY41T7BC6
cf-ray
8e8d4b984ae632cc-PHL
accept-ranges
bytes
content-length
6266
server
cloudflare
x-amz-server-side-encryption
AES256
Mahjong_Ways.png
files.sitestatic.net/hot_games_img/mobile/normal/
6 KB
7 KB
Image
General
Full URL
https://files.sitestatic.net/hot_games_img/mobile/normal/Mahjong_Ways.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a506050523a84179845c546e54e0ebb87d2b28a47a5ba6bf24d1ae2cb34fdad0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"bc92b71c7a72a1cd5fb77779dd0978bd"
x-amz-version-id
d.rK81OLUbkJMpZRyqa05IMRB6bgXJ70
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origSize=6501, status=webp_bigger
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/png
last-modified
Tue, 07 Nov 2023 13:38:08 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
0fPB5jrcJEthF9ixekjLyi6NLRMqUw/8aeOKIUwGHG7X5qVWebqSsx6mm8jY6XBCSXSxeBnJe5I=
cache-control
public, max-age=31536000
x-amz-request-id
HBQNG88D70AJBCQ6
cf-ray
8e8d4b984aeb32cc-PHL
accept-ranges
bytes
content-length
6239
server
cloudflare
x-amz-server-side-encryption
AES256
Lucky_Neko.png
files.sitestatic.net/hot_games_img/mobile/normal/
6 KB
6 KB
Image
General
Full URL
https://files.sitestatic.net/hot_games_img/mobile/normal/Lucky_Neko.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84d2a22dc30409984e9a92f8901870a9f497b094edf0e01dc984aeca78faa351

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"5dd66c2abcb33baa07afba555dacf944"
x-amz-version-id
xdRtDcySPwyrvcWKwLCXX5oi.O04Ejtl
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origSize=6489, status=webp_bigger
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/png
last-modified
Tue, 07 Nov 2023 13:38:06 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
aeymGVPFtL7EDpFWAdo3Ujo1npQ0n3hFLAoyJ+8QZ+7QkavRKTv4RP6QLsgnd726+KzoXxA0pgl/NJ1vosMrhw==
cache-control
public, max-age=31536000
x-amz-request-id
8ZFVJ0F4CCMPTB1W
cf-ray
8e8d4b984aec32cc-PHL
accept-ranges
bytes
content-length
6128
server
cloudflare
x-amz-server-side-encryption
AES256
Wild_Bandito.png
files.sitestatic.net/hot_games_img/mobile/normal/
6 KB
6 KB
Image
General
Full URL
https://files.sitestatic.net/hot_games_img/mobile/normal/Wild_Bandito.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9529ccf56bddbcc5853e4d5d183b0b1acd1f44fdbf78695a1d66f63cbd7cc5c7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"7dbbe83975eb68222a3e3f524a104d14"
x-amz-version-id
_CARKuQbxCCnPgLCQzP2tJXjnuISDxtb
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origSize=6222, status=webp_bigger
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/png
last-modified
Tue, 07 Nov 2023 13:38:20 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
Hq8wrUQAA5nZZw8VNMlQ83B8epUmrCPBcasat5yscWgCVSLPAUblY2D3hthtev8A1a+y9Kc7iI0=
cache-control
public, max-age=31536000
x-amz-request-id
VJEAATAK1E7WB8KP
cf-ray
8e8d4b984aee32cc-PHL
accept-ranges
bytes
content-length
5632
server
cloudflare
x-amz-server-side-encryption
AES256
Neko_Riches.png
files.sitestatic.net/hot_games_img/mobile/normal/
5 KB
6 KB
Image
General
Full URL
https://files.sitestatic.net/hot_games_img/mobile/normal/Neko_Riches.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc86a95eb9dcd5122fb083d756ccd3ac6322b92340ca9a5f050baa9087c6415a

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"60dbfd4eb2c15185ba62c180d368c792"
x-amz-version-id
UJLfwduDWR8z7iRqPfWTuesp9VbHjANV
cf-cache-status
HIT
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origSize=5811, status=webp_bigger
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/png
last-modified
Tue, 07 Nov 2023 13:38:12 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
n0IQvROCGcnybMU5Q77KL3GdOux+/BLF9hC9cm5GOtlnZnJRIU747ImMDb3OD443iD4uN2ccXA0=
cache-control
public, max-age=31536000
x-amz-request-id
PQG163S5YQ369VCC
cf-ray
8e8d4b984af232cc-PHL
accept-ranges
bytes
content-length
5300
server
cloudflare
x-amz-server-side-encryption
AES256
bank_col.jpg
files.sitestatic.net/sprites/bank_logos/
2 KB
2 KB
Image
General
Full URL
https://files.sitestatic.net/sprites/bank_logos/bank_col.jpg?v=3
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af9a42baeabb75eb4eeb81d111196c4d5b129288f195c9ea8ab17b7344a29152

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"af9df6537ae2ed0ce71c27996899b8d4"
x-amz-version-id
mf8_Ntbd6wMRnXvDqml_sFaja__VLggA
cf-cache-status
HIT
age
348056
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/jpeg
last-modified
Fri, 01 Dec 2023 04:25:54 GMT
vary
Accept-Encoding
priority
u=3,i
x-amz-id-2
uolHxgY+nzmQw6KGzg8tG3yA5/PRlsxdn+rDxLD/OgBT8H4uUV5UTm8nTXUaC5I7pnvU9LfwUj8=
cache-control
public, max-age=31536000
x-amz-request-id
SSCYBY70YAEGHXP7
cf-ray
8e8d4b984af332cc-PHL
accept-ranges
bytes
content-length
1726
server
cloudflare
x-amz-server-side-encryption
AES256
ewallet_col.jpg
files.sitestatic.net/sprites/bank_logos/
1 KB
2 KB
Image
General
Full URL
https://files.sitestatic.net/sprites/bank_logos/ewallet_col.jpg?v=3
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b1bc6ddf81b9212855c94157645c93be27c8380737f4ee22502220e2f57822d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"a8fff466cb41638b9ec8809d201661da"
x-amz-version-id
YbJ8yC.ozANJQ2DTvJ_FOng9bCXoTnCd
cf-cache-status
HIT
age
348056
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=1410
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="ewallet_col.webp"
vary
Accept
last-modified
Fri, 01 Dec 2023 04:25:55 GMT
x-amz-id-2
nPeqUyq3UqqWy6Rqd8LG+bm5GlTA6a8FsPr0XMweYzBzghXhwuG3YBdV1sk+iNk0XLbvJpMlrEc=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
TS5KH8GNDAC2F1JB
cf-ray
8e8d4b984af732cc-PHL
accept-ranges
bytes
content-length
1230
server
cloudflare
x-amz-server-side-encryption
AES256
pulsa_col.jpg
files.sitestatic.net/sprites/bank_logos/
1 KB
2 KB
Image
General
Full URL
https://files.sitestatic.net/sprites/bank_logos/pulsa_col.jpg?v=3
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
230d6bc167e2bd82773b97c8a50ff08481d6006f1c4ecc547403cd5ae2e9b969

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"de6e906389c16211ca3beeba325e530d"
x-amz-version-id
xhl01QGXRGhxbTKEa24j63rnPkNYvNt4
cf-cache-status
HIT
age
261345
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
qual=85, origFmt=jpeg, origSize=1239
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
content-disposition
inline; filename="pulsa_col.webp"
vary
Accept
last-modified
Fri, 01 Dec 2023 04:25:54 GMT
x-amz-id-2
Js/7McZhJnc+DlRUXNojJfGDwqZD5t5Pgb78On/YQCvRrIiB2tpCVizqkaGVlImMWSoykVvonE4=
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-request-id
EHPYGNH80JGB8NDE
cf-ray
8e8d4b984af832cc-PHL
accept-ranges
bytes
content-length
1094
server
cloudflare
x-amz-server-side-encryption
AES256
footer_provider_col.png
files.sitestatic.net/images/
45 KB
46 KB
Image
General
Full URL
https://files.sitestatic.net/images/footer_provider_col.png?v=0.3
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d51f5fe358ab9b11c8534a4c453c90bc3a7ec3eb078d282428adc2dd8c05373

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"35d053198b1baaee6eea20f74507e442"
x-amz-version-id
3xQehRMiH.Jp_EgxuENiJ9XL7Jc6WLDQ
cf-cache-status
HIT
age
13130
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=75733
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
x-amz-meta-sha256
d05a4c841b532a689153ad0047f9e584a8eb6edab0dc6bbc04505e997e867730
vary
Accept
content-disposition
inline; filename="footer_provider_col.webp"
x-amz-id-2
xgPkHwG67I7YMMQ8OydcBdczoHdMUb0QJv08Dl0wjshb31aBxLe2bDb4FAWxbPIUwlBbOsPb0Xd9QOraPvLRDA==
last-modified
Tue, 04 Jul 2023 12:09:53 GMT
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-meta-s3b-last-modified
20230704T120943Z
x-amz-request-id
VZSHAF550F93EW2X
cf-ray
8e8d4b984afb32cc-PHL
accept-ranges
bytes
content-length
45990
server
cloudflare
x-amz-server-side-encryption
AES256
250px-APK_Logo.png
wiki.cdot.senecapolytechnic.ca/w/imgs/thumb/APK_Logo.png/
Redirect Chain
  • https://wiki.cdot.senecacollege.ca/w/imgs/thumb/APK_Logo.png/250px-APK_Logo.png
  • https://wiki.cdot.senecapolytechnic.ca/w/imgs/thumb/APK_Logo.png/250px-APK_Logo.png
19 KB
20 KB
Image
General
Full URL
https://wiki.cdot.senecapolytechnic.ca/w/imgs/thumb/APK_Logo.png/250px-APK_Logo.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
HTTP/1.1
Server
142.204.41.164 North York, Canada, ASN10265 (SENECA-ASN-01, CA),
Reverse DNS
sparc11.senecacollege.ca
Software
Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.33 /
Resource Hash
15be7a43dca6bd7ac2b1aaf230a256500c11dce1160ecd7a5b8e84a99e2c196d
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.senecacollege.ca;
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
content-security-policy
frame-ancestors 'self' *.senecacollege.ca;
ETag
"4d81-4adb865105700"
X-Permitted-Cross-Domain-Policies
none
Connection
Keep-Alive
X-Content-Type-Options
nosniff
Accept-Ranges
bytes
Content-Length
19841
Keep-Alive
timeout=5, max=100
Date
Tue, 26 Nov 2024 22:25:36 GMT
Last-Modified
Sat, 24 Sep 2011 23:36:28 GMT
Content-Type
image/png
Server
Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.33
X-Frame-Options
SAMEORIGIN

Redirect headers

Location
https://wiki.cdot.senecapolytechnic.ca/w/imgs/thumb/APK_Logo.png/250px-APK_Logo.png
Content-Length
267
Keep-Alive
timeout=5, max=100
Date
Tue, 26 Nov 2024 22:25:36 GMT
Content-Type
text/html; charset=iso-8859-1
Server
Apache/2.4.6 (CentOS) mpm-itk/2.4.7-04 OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.4.33
Connection
Keep-Alive
log_html5.png
desawin138.cloud/assets/images/
708 B
708 B
Image
General
Full URL
https://desawin138.cloud/assets/images/log_html5.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/desktop/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e%2Fdxa9kT8f8TLUWR%2BG5PILhd6TaAXemBaqwFXrcOFiEsrwG6z7RzPVnKDPOFv%2BEq%2F66QKYMimdO0JhAybzkzQpOLIhltmE3l8lCRv2KjAkBxWhDz0G08uiJet%2FM7Gu4ZuQ5z2KAnaViOiU3PXwTd"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b986a1141d3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26136&sent=99&recv=60&lost=0&retrans=0&sent_bytes=99333&recv_bytes=10719&delivery_rate=1148960&cwnd=45600&unsent_bytes=0&cid=73584985d2d75400&ts=1186&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
btn_playnow.png
desawin138.cloud/assets/images/
708 B
708 B
Image
General
Full URL
https://desawin138.cloud/assets/images/btn_playnow.png
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/desktop/

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BN2Yo4A63gDHxokV2yCSpaUSeGhu6dITAf3wpHbFjgXkEp8JsK0pwuF%2BbXrPf%2Bb7ojSKx38wPP%2Bmba93nbUiIkPC%2FZUusl6xYBbohICzZvnpp%2FIzMP5Izc2vau%2B84eCvo%2BBQiPaIwZrxoHVZ77F"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b986a1341d3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26136&sent=97&recv=60&lost=0&retrans=0&sent_bytes=98141&recv_bytes=10719&delivery_rate=1148960&cwnd=45600&unsent_bytes=0&cid=73584985d2d75400&ts=1185&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
jquery.validate.min.js
cdn.sitestatic.net/assets/jquery-validation/
24 KB
8 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery-validation/jquery.validate.min.js
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"5861a036c2de6c2df26749fe41d57605"
age
358822
expires
Wed, 26 Nov 2025 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
application/javascript
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-amz-id-2
Q4tkWExaKudOIApCxdlNtoKVn5JdARHEnVq4SCTtSGye59wCj93vNpzeXnpRYtz1WQU94h8RAzQ=
cache-control
public, max-age=31536000
x-amz-request-id
Z54198ACWMJVTA61
cf-ray
8e8d4b980a3b32cc-PHL
server
cloudflare
x-amz-server-side-encryption
AES256
additional-methods.min.js
cdn.sitestatic.net/assets/jquery-validation/
22 KB
7 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/jquery-validation/additional-methods.min.js
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"48babc4e826404ef8b8ca5bad48fc133"
age
358822
expires
Wed, 26 Nov 2025 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
application/javascript
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-amz-id-2
C4h+i4edl3jr0AN0CBGOvmJEWmJQN2tIzItQegoFTIbNuBeOaxSQkZa5m3BcFk3Cp/Mm3SBhsSc=
cache-control
public, max-age=31536000
x-amz-request-id
Z546ZXKNYGWWSH5H
cf-ray
8e8d4b982a6232cc-PHL
server
cloudflare
x-amz-server-side-encryption
AES256
jquery.fancybox.min.css
cdn.sitestatic.net/assets/fancybox/
12 KB
3 KB
Stylesheet
General
Full URL
https://cdn.sitestatic.net/assets/fancybox/jquery.fancybox.min.css
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"a2d42584292f64c5827e8b67b1b38726"
age
358822
expires
Wed, 26 Nov 2025 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
text/css
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-amz-id-2
IpXgvskG6xx0iF/Hwjc/V9O6xi+GdAVAnZEOZi+H1vjuNPCS6kFBKkQ6nRmUdih9aKk10vFBJz4=
cache-control
public, max-age=31536000
x-amz-request-id
M1SZRJM212GDBH83
cf-ray
8e8d4b982a6632cc-PHL
server
cloudflare
x-amz-server-side-encryption
AES256
jquery.fancybox.min.js
cdn.sitestatic.net/assets/fancybox/
67 KB
22 KB
Script
General
Full URL
https://cdn.sitestatic.net/assets/fancybox/jquery.fancybox.min.js
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"49a6b4d019a934bcf83f0c397eba82d8"
age
349788
expires
Wed, 26 Nov 2025 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
application/javascript
last-modified
Sat, 29 Jul 2023 04:41:22 GMT
vary
Accept-Encoding
priority
u=2,i=?0
x-amz-id-2
n4VcsIglRIHYJAa3+NrHuBaTfMGyBrCbz5paPj3M5WpQj2MxmPbxFatKWm7LIQFMpjaV0z2unhCjjMKbVP3HJw==
cache-control
public, max-age=31536000
x-amz-request-id
Z5448HJ0BWZT1MBE
cf-ray
8e8d4b982a6b32cc-PHL
server
cloudflare
x-amz-server-side-encryption
AES256
app-desktop.js
desawin138.cloud/js/ugsports/
167 KB
29 KB
Script
General
Full URL
https://desawin138.cloud/js/ugsports/app-desktop.js
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cced47df21d06644fc935df098496d100526c94bc7d1ab06738de58ba295b177

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/desktop/

Response headers

server
cloudflare
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZrSrzaaMJBLLmpmGewCKV5V0Re%2BC8wFGnqBBUjqF0uKp%2BqAVdN%2BRRhgSUx65gU51DrI4xkKPUxFzuV4o9Mww8CWPOo6O8tEO1eyJiERXPLjBDxbjbwG7ICPNwtugpbmo3A6fOiBsUoNsSZXMdbmj"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b9839ce41d3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27672&sent=106&recv=65&lost=0&retrans=0&sent_bytes=104136&recv_bytes=10940&delivery_rate=25319&cwnd=45600&unsent_bytes=0&cid=73584985d2d75400&ts=1255&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
text/javascript
last-modified
Tue, 12 Mar 2024 01:32:36 GMT
vary
Accept-Encoding
priority
u=2,i=?0
fbevents.js
connect.facebook.net/en_US/
239 KB
61 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f35a:80:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-VIvObujt' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-VIvObujt' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=24, rtx=0, c=23, mss=1232, tbw=5739, tp=11, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
8OiYW3Imi9RZIQ07OAipICkZrYfRNu7+K3i1VLJpeXP+t9qJxYGgBpbRb9AaPWY41iMI5soVxuSCOTDZTW9uug==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
62107
x-xss-protection
0
origin-agent-cluster
?1
style.min.css
desawin138.cloud/fonts/ugsports/icomoon/
9 KB
2 KB
Stylesheet
General
Full URL
https://desawin138.cloud/fonts/ugsports/icomoon/style.min.css
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b1a5f14c19905e892fe30be4a36bd563722fb7ee69bd0ed308d0dd77aa730a7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/desktop/

Response headers

server
cloudflare
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ppykfeb0aP%2BwtdHIJwGFFO0I0ioU8zPBIAauDjKz%2F3kSc0mmkchxqSB30v6wxY0cum%2FTisKxr83EWDterL61YCOmgbMngUlLE89OthP%2BOYEskE7iejC2CpwJKBU2b4xXvobYsqpKkbjLK0NfIRVf"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b986a1441d3-EWR
expires
Tue, 03 Dec 2024 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26136&sent=103&recv=60&lost=0&retrans=0&sent_bytes=101711&recv_bytes=10719&delivery_rate=1148960&cwnd=45600&unsent_bytes=0&cid=73584985d2d75400&ts=1195&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
text/css
last-modified
Tue, 12 Mar 2024 01:32:32 GMT
vary
Accept-Encoding
priority
u=4,i=?0
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;600&display=swap
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/css/ugsports/theme-20/d/style4.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81e::200a , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9944672106eb4e10336f5c52f06f2dfc453813d9c3ad08106db60105a259dcfc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 22:25:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Tue, 26 Nov 2024 22:24:31 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
flags-sm.png
files.sitestatic.net/sprites/
12 KB
13 KB
Image
General
Full URL
https://files.sitestatic.net/sprites/flags-sm.png?v=8.1
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/css/ugsports/theme-20/d/style4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
45.194.53.13 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare London, LLC, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fd75df23a36dc508478535ee809456a101fe36802252d6ebfb586dfaaf4c2d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-bgj
imgq:85,h2pri
etag
"f65867ed882901895a6527c452994998"
x-amz-version-id
hLUm81uQN3iSTcpk4UFxAE3C0h95JMA8
cf-cache-status
HIT
age
376286
expires
Wed, 26 Nov 2025 22:25:36 GMT
cf-polished
origFmt=png, origSize=21986
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
image/webp
x-amz-meta-sha256
bcad67cbdce6856e5b7d009d7a6d5a29a468fd459661b7cfda87cee20d0de26a
vary
Accept
content-disposition
inline; filename="flags-sm.webp"
x-amz-id-2
wI9HSAPA0hIS+Labdcllru9uzODv+djiIZt44FPazy/Em+SW3cN1Bj7veohricXpJ77ySPgAOpE=
last-modified
Wed, 15 Feb 2023 02:23:05 GMT
priority
u=3,i
cache-control
public, max-age=31536000
x-amz-meta-s3b-last-modified
20230215T020107Z
x-amz-request-id
MN5HK1C0NCVG7D1D
cf-ray
8e8d4b984aff32cc-PHL
accept-ranges
bytes
content-length
12586
server
cloudflare
x-amz-server-side-encryption
AES256
game-tag-icon-hot.webp
desawin138.cloud/assets/images/sprites/
708 B
708 B
Image
General
Full URL
https://desawin138.cloud/assets/images/sprites/game-tag-icon-hot.webp
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/css/ugsports/theme-20/d/style4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/css/ugsports/theme-20/d/style4.css

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L9FIXoVdRWCgBPt35wvL3Lmd58mYqcnBglM4ln41da7ikHgX5KKpMWlFj5Jwj9TOEqfg%2BNkB1%2BSVJqCwPXdKuUKFDLZo4rLUGviQKS0H%2FyZZ3TlFnO7oMKya%2FzkBQpCCCuDTzH3EcbxrfJFE63Bx"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b986a1541d3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=26136&sent=101&recv=60&lost=0&retrans=0&sent_bytes=100521&recv_bytes=10719&delivery_rate=1148960&cwnd=45600&unsent_bytes=0&cid=73584985d2d75400&ts=1190&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=3,i
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v29/
37 KB
37 KB
Font
General
Full URL
https://fonts.gstatic.com/s/montserrat/v29/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;600&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4006:823::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://desawin138.cloud
Referer
https://fonts.googleapis.com/

Response headers

age
530932
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Thu, 20 Nov 2025 18:56:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 20 Nov 2024 18:56:44 GMT
last-modified
Wed, 06 Nov 2024 17:30:37 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
37828
x-xss-protection
0
server
sffe
glyphicons-halflings-regular.woff2
desawin138.cloud/css/ugsports/theme-20/fonts/bootstrap/
0
0
Font
General
Full URL
https://desawin138.cloud/css/ugsports/theme-20/fonts/bootstrap/glyphicons-halflings-regular.woff2
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/css/ugsports/theme-20/d/style4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://desawin138.cloud
Referer
https://desawin138.cloud/css/ugsports/theme-20/d/style4.css

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMjlwr%2FYVpLUO7wwrpPwWIzCk06IkdFP53hC2nQG%2B%2FvwtWJBWj7ArKULXt%2B4EatZE0UVtCOQa99zKdNzh2%2FJQC0ENnRp1qWh%2F0tTUjniXBPbUk9obcDHN6%2Ft5qxPlJkZKCN5vfmveZWacACvu8NW"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b992b7041d3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27672&sent=132&recv=65&lost=0&retrans=0&sent_bytes=134902&recv_bytes=10940&delivery_rate=25319&cwnd=45600&unsent_bytes=0&cid=73584985d2d75400&ts=1304&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
icomoon.woff2
desawin138.cloud/fonts/ugsports/icomoon/fonts/
22 KB
23 KB
Font
General
Full URL
https://desawin138.cloud/fonts/ugsports/icomoon/fonts/icomoon.woff2?fx18yi
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/fonts/ugsports/icomoon/style.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a8c098b49310c2a8c9d99ff52fd35112c31129c18b62a1d032bc5c202c9bd07

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://desawin138.cloud
Referer
https://desawin138.cloud/fonts/ugsports/icomoon/style.min.css

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vn3q6Df0ZDpBrCr47x47N6ccjIHGED6cfeISM4Jul3ohGM2hZshNYBzTM4QTsb51Zzzo997Zencr8HtVdTnueexEWqOLG1jmxGV%2F72hk8akP%2BLaA5lWpR6ogQkH0dnuj2fCUGXUh281shuB8aJqn"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Dec 2024 22:25:36 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=37814&sent=138&recv=72&lost=0&retrans=0&sent_bytes=137341&recv_bytes=12522&delivery_rate=5180&cwnd=45600&unsent_bytes=0&cid=73584985d2d75400&ts=1639&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
font/woff2
last-modified
Tue, 12 Mar 2024 01:32:32 GMT
vary
Accept-Encoding
priority
u=0,i=?0
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8d4b9aad9e41d3-EWR
accept-ranges
bytes
content-length
22640
server
cloudflare
glyphicons-halflings-regular.woff
desawin138.cloud/css/ugsports/theme-20/fonts/bootstrap/
0
0
Font
General
Full URL
https://desawin138.cloud/css/ugsports/theme-20/fonts/bootstrap/glyphicons-halflings-regular.woff
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/css/ugsports/theme-20/d/style4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://desawin138.cloud
Referer
https://desawin138.cloud/css/ugsports/theme-20/d/style4.css

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6qSvYF8ygoqK6gRJ%2BxUERX4FsqmZBA4yjgmk6McX%2FMvfNEX0eF%2BKpMQR0BkAcZfUpNTarXnbhqBxi1ATuNgf%2FbSmZ5LgFt5XaPE3hYAOoXPEyTqLigsY3OSE1%2Bu5s7ZlWHyMOPRbP3spDq0zhSTi"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b9abdac41d3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=38650&sent=136&recv=70&lost=0&retrans=0&sent_bytes=136147&recv_bytes=12005&delivery_rate=392267&cwnd=45600&unsent_bytes=0&cid=73584985d2d75400&ts=1552&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
1008275913534968
connect.facebook.net/signals/config/
76 KB
15 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1008275913534968?v=2.9.176&r=stable&domain=desawin138.cloud&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f35a:80:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e44fa6c67c6d46270b57fb853746bfa10bfd5f5d77d54d00be44eee9c9ba87e8
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src 'nonce-anDODSO1' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: *;script-src 'nonce-anDODSO1' *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=79, rtx=0, c=69, mss=1232, tbw=71563, tp=67, tpl=0, uplat=74, ullat=0
pragma
public
x-fb-debug
Q9lSLoweuo5JHxQ5bTyD4xfDlvON6pAJPpVtsDCdsUl+y27qNO76TupYZDkl7+aQNHutVXga2GkJObcSse7fKg==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
glyphicons-halflings-regular.ttf
desawin138.cloud/css/ugsports/theme-20/fonts/bootstrap/
0
0
Font
General
Full URL
https://desawin138.cloud/css/ugsports/theme-20/fonts/bootstrap/glyphicons-halflings-regular.ttf
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/css/ugsports/theme-20/d/style4.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://desawin138.cloud
Referer
https://desawin138.cloud/css/ugsports/theme-20/d/style4.css

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
BYPASS
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pzGTlfsy1GlG6ASB9XUDyOK9CV4oCX1lTF4ktgmPrEcQF3%2Fq6q%2BP2u6n8kmXZFgKoL1EgPEkvQHMDW1FSppYZDem1Z8S5nbJXkybD4dN2rfW98IWcRiR1GUSOADBe8sHRS1awIFgJ2C%2FkznHNmZQ"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b9c4fba41d3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34821&sent=162&recv=76&lost=0&retrans=0&sent_bytes=162386&recv_bytes=13236&delivery_rate=633569&cwnd=45600&unsent_bytes=0&cid=73584985d2d75400&ts=1806&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=0,i=?0
getPokerJackpotAmt
desawin138.cloud/
708 B
1 KB
XHR
General
Full URL
https://desawin138.cloud/getPokerJackpotAmt
Requested by
Host: cdn.sitestatic.net
URL: https://cdn.sitestatic.net/assets/jquery/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::ac43:a31c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa

Request headers

X-CSRF-TOKEN
zYfuAettv5ooKJKWkIJRDCNZn9QosiU0a4f0jQ6a
Referer
https://desawin138.cloud/desktop/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept
*/*
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

cache-control
private, no-cache, no-store, must-revalidate, max-age=0
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CBl7f3ZthAZnrsGmwEtXvXbkLUTZMK9fey3Vikhr0Wx1UzIdY2h5Z8qur0YUMDCCyQNh0GGHIzTzLHAxuNJZtkOREr01em6mg17zbE1VJW9NzsH2Rzh9r3HK1krpwTT9ciM%2FsnfjHtfAucoaKBgj"}],"group":"cf-nel","max_age":604800}
cf-ray
8e8d4b9ca84341d3-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=34821&sent=160&recv=76&lost=0&retrans=0&sent_bytes=161217&recv_bytes=13236&delivery_rate=633569&cwnd=45600&unsent_bytes=0&cid=73584985d2d75400&ts=1786&x=1", cfExtPri, cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:36 GMT
content-type
text/html
server
cloudflare
priority
u=1,i
/
www.facebook.com/tr/
0
16 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1008275913534968&ev=PageView&dl=https%3A%2F%2Fdesawin138.cloud%2Fdesktop%2F&rl=https%3A%2F%2Fdesawin138.cloud%2F&if=false&ts=1732659936805&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732659936799.78738988754571443&cs_est=true&cdl=API_unavailable&it=1732659936549&coo=false&rqm=GET
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f35a:1:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
GOOD; q=0.7, rtt=96, rtx=0, c=23, mss=1232, tbw=5728, tp=11, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Tue, 26 Nov 2024 22:25:37 GMT
content-type
text/plain
server
proxygen-bolt
priority
u=3,i
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
197 B
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=1008275913534968&ev=PageView&dl=https%3A%2F%2Fdesawin138.cloud%2Fdesktop%2F&rl=https%3A%2F%2Fdesawin138.cloud%2F&if=false&ts=1732659936805&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=4126&fbp=fb.1.1732659936799.78738988754571443&cs_est=true&cdl=API_unavailable&it=1732659936549&coo=false&rqm=FGET
Requested by
Host: desawin138.cloud
URL: https://desawin138.cloud/desktop/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f35a:1:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7441717765126246392"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Tue, 26 Nov 2024 22:25:37 GMT
content-type
image/png
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7441717765126246392", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'wasm-unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-debug
gDFiu0ifsJdisZxkbmGtX+2bNJbanwkgedO5r44jpercqtOWQmxOzo4fPLZsXwzgRZ2KyGloEpAmVulJOoED7g==
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
GOOD; q=0.7, rtt=71, rtx=0, c=23, mss=1232, tbw=6096, tp=14, tpl=0, uplat=88, ullat=0
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
FHJvycZjQi.png
imgbob.online/ib/
112 KB
0
Other
General
Full URL
https://imgbob.online/ib/FHJvycZjQi.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3035::6815:460e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
83486ce041bf9d480fac8a50216470ba7d7d9ff189073c24211f3ce5ff8bedae
Security Headers
Name Value
X-Frame-Options allow

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://desawin138.cloud/

Response headers

cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YZCcVKiGAiTe4GqyFVIEF9pI48pKa1go7Nsl2kuYdTlVBPLkGtMkuBZA5lTBvNVMA%2FDQg310HADmo%2BBtJoz9QGEZU1LSw84jW5ZdaRyVbSe8BfLiUstSjfxY9Fcb890zEnSZyJqMmAPrqIVr"}],"group":"cf-nel","max_age":604800}
expires
Tue, 03 Dec 2024 22:25:35 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=27614&min_rtt=23089&rtt_var=11316&sent=12&recv=10&lost=0&retrans=0&sent_bytes=4187&recv_bytes=4389&delivery_rate=385&cwnd=12000&unsent_bytes=0&cid=70cab4d444aa902c&ts=542&x=1", cfHdrFlush;dur=0
date
Tue, 26 Nov 2024 22:25:35 GMT
content-type
image/png
last-modified
Tue, 19 Nov 2024 22:10:48 GMT
vary
Accept-Encoding
x-frame-options
allow
cache-control
public, max-age=604800
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8e8d4b942ff7c351-EWR
accept-ranges
bytes
content-length
114836
x-turbo-charged-by
LiteSpeed
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
i.ibb.co.com
URL
https://i.ibb.co.com/gDv3sw1/PUSAT188-13-7-2024.png
Domain
www.google-analytics.com
URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GK0859L4L5&gtm=45je4bk0v9191506330za200zb9191494754&_p=1732659934692&gcd=13l3l3l3l1l1&npa=0&dma=0&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=1925977769.1732659935&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1732659934&sct=1&seg=0&dl=https%3A%2F%2Fdesawin138.cloud%2F&dt=DESAWIN138%20%7C%7C%20SITUS%20SLOT%20ONLINE%20TERBAIK%20%26%20TERPERCAYA%202024&en=scroll&epn.percent_scrolled=90&_et=12&tfd=1070
Domain
files.sitestatic.net
URL
https://files.sitestatic.net/assets/imgs/game_logos/100x70/.png

Verdicts & Comments Add Verdict or Comment

50 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| fbq function| _fbq function| $ function| jQuery function| Sweetalert2 function| SweetAlert function| Swal function| sweetAlert function| swal function| registerPopup string| currencyCode string| lang string| agentCode function| formatNumber function| convertToNumber function| formatCurrency number| prize function| ajax_jackpot function| popitup function| popup function| commaSeparateNumber function| getRandomIntInclusive number| accLength function| bankAccLength object| webpackChunk_3mplay object| lazySizes function| xhr_get function| showLoadingImgFn function| removeLoadingImgFn function| json_get function| ajax_submit function| json_post function| bindBankRegFormVal function| setBankUserOptions function| setOriginalSelect function| removeOptions function| restoreOptions function| bindNewFundRegFormVal object| transMsgs function| openLiveChat function| change_lang function| bindChgPassFormJS function| bindChgComplaintFormJS function| ajaxLoginForm function| update_memo_status function| ajaxResetPwdForm function| getAllGameBal function| check_notification_status function| alertLogin function| tw_information

6 Cookies

Domain/Path Name / Value
desawin138.cloud/ Name: PHPSESSID
Value: 35addff58051247ba3b2dd55ee4ec141
.desawin138.cloud/ Name: _ga
Value: GA1.1.1925977769.1732659935
.desawin138.cloud/ Name: _ga_GK0859L4L5
Value: GS1.1.1732659934.1.0.1732659934.0.0.0
.sitestatic.net/ Name: __cf_bm
Value: .u5C.WV.F1EHLdAkwrQ.SLOpTVPlryoSpYtzRJXGWxE-1732659935-1.0.1.1-uR52EW4xu97AJcBp0GpySBHKJveyD5PBEwWbHhZH8LNwX4O9.2DzlGJUkcr8U5s28kuFStbUtKYVHv2aF8zV4Q
.linkcdn.cloud/ Name: __cf_bm
Value: OY0OT4n2eyTFqwluPuBm2aovuXrEeHK8lGG4kpcUu4M-1732659936-1.0.1.1-EoxrZ_XXyVX1rvimSZkLBUQMcRJeaduH6mCJKd87wGgNMR7RhRrwnRpyPdM7k4KM4tZfHPjnQo7Ek4Gnzqz6YQ
.desawin138.cloud/ Name: _fbp
Value: fb.1.1732659936799.78738988754571443

12 Console Messages

Source Level URL
Text
network error URL: https://desawin138.cloud/assets/images/nav_imgs/Sub-InfoCentre.png
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://desawin138.cloud/desktop/
Message:
Failed to find a valid digest in the 'integrity' attribute for resource 'https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css' with computed SHA-512 integrity 'iBBXm8fW90+nuLcSKlbmrPcLa0OT92xO1BIsZ+ywDWZCvqsWgccV3gFoRBv0z+8dLJgyAHIhR35VZc2oM/gI1w=='. The resource has been blocked.
network error URL: https://desawin138.cloud/assets/images/nav_imgs/Sub-ContactUs.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://desawin138.cloud/assets/images/btn_playnow.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://desawin138.cloud/assets/images/log_html5.png
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://desawin138.cloud/assets/images/sprites/game-tag-icon-hot.webp
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://desawin138.cloud/css/ugsports/theme-20/fonts/bootstrap/glyphicons-halflings-regular.woff2
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://desawin138.cloud/css/ugsports/theme-20/fonts/bootstrap/glyphicons-halflings-regular.woff
Message:
Failed to load resource: the server responded with a status of 404 ()
recommendation verbose URL: https://desawin138.cloud/desktop/
Message:
[DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o
network error URL: https://desawin138.cloud/getPokerJackpotAmt
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://desawin138.cloud/css/ugsports/theme-20/fonts/bootstrap/glyphicons-halflings-regular.ttf
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://desawin138.cloud/desktop/
Message:
The resource https://desawin138.cloud/fonts/ugsports/icomoon/fonts/icomoon.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.sitestatic.net
cdnjs.cloudflare.com
connect.facebook.net
d2rzzcn1jnr24x.cloudfront.net
desawin138.cloud
dlntdk2it99.anhuidingyue.com
files.sitestatic.net
fonts.googleapis.com
fonts.gstatic.com
i.ibb.co
i.ibb.co.com
images.linkcdn.cloud
imgbob.online
wiki.cdot.senecacollege.ca
wiki.cdot.senecapolytechnic.ca
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
files.sitestatic.net
i.ibb.co.com
www.google-analytics.com
142.204.41.164
157.185.177.217
169.197.85.95
2600:9000:2514:1200:c:5e6d:a440:21
2606:4700:3035::6815:460e
2606:4700:3036::ac43:a31c
2606:4700:4400::ac40:9ac7
2606:4700::6811:180e
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81e::200a
2607:f8b0:4006:821::200e
2607:f8b0:4006:823::2003
2a03:2880:f35a:1:face:b00c:0:25de
2a03:2880:f35a:80:face:b00c:0:3
45.194.53.13
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
0220636861c0a5e37169e4659aecf6eee22b28deb239ec9f668ad6885a129fab
0a2d2d0247eec8f1fbdff48ff1a6e09ea06b149c4ba52b7b31e3a7f8fc1399d3
0ed7af32af3dcf65e10e2123e6e78370d6e11517ef496b816683923748936227
0f5bb9e7b5080650c64845001111f594d18633e265b24f1e7f3c4ae462e92288
0f5cf4da502cde94bcb1a12eb385da78c6b8c4dfc262f15a9ecd0193b0d7a931
0fba978ef428e748f58f0dafe4763921ed75a74a1dd7341995f47bf437f1dced
125338643834d5fc9929b0331770ff8bbb2f1a54b41efeced0c750889d8d1547
15be7a43dca6bd7ac2b1aaf230a256500c11dce1160ecd7a5b8e84a99e2c196d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1aca8521f26fd98c79f0b58b736ba42d04378b4b435eb111ec562fca4aff1982
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450
1d9b73a2b7a47878280ed4d3005a670b541fd37394bb7bdd0a60d999067eed9a
230d6bc167e2bd82773b97c8a50ff08481d6006f1c4ecc547403cd5ae2e9b969
23f9699ada286b3474d488ac0b62ff74bcbbf5112ad374f1afcd8c3e421250cd
243f7f83da1100e1e25203c7caaa1dd2d407096429b6a4df5bb925b38f96adb9
246afb5060faec70f274c3daacd8ec82e695abceb0920f6c9d90ab1d24e7da09
24abd522ba395bda6ff02fa324fb5e0f92f9629b25089943427ad5fbeee4a98b
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
289403a08e62b519f228059d9e23403a31ef2aafc5f0ae8c28ac50f70a39f8c9
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
29691b2d3982eae1a57793938c1d2a3d382331ac4f1d8f35bd38ea268525c86b
35d71b42dfae4acf991ae4fdab8c755d27c6df617bc903cb3c611950382d26c0
37a4e56c497e170de6e152bc479624eb8d7ccb35bad5a190f2fdb17ac699cffa
387078d3835a2c341e0016c1a43ff240b177cb6ec33453954aa21b01f32d85f9
3a722f264e9a2400e1cfa1e4be02978a8f8688da3a9c197bce65e9c0c8164be2
42ce8ccbd066b6afe408aaedd24368906bbae1ecd510c583af6b8ba2735e2e3c
453be7032b1423fdb0a2be56427cec4ea42d224e8798b2c4f7bb6629955b9a76
4600f1c62a383df59d3bfdc279925baf386cf20e3b04e70acd0f55d184cff3fd
4624df2d64ea46381ae6c5122051daffe45ad7dc9618ead5ff8afe44a7aef4d4
4815cc2929b3c2763dddfaae0ad124d2c8fb30322f9ab1c0a3c05919484abe31
50460536deb8b30674ab0d4c4c78eab3956188a409927500cd86e08a6ef57dac
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
56b6b226812ad5c4cba8e6759e21fcc86c65406a4a948bda7b358fe99d4e9b20
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
57632fbc80ecc23b32c34cf9cdf30485be22da2408dc632cd5bb967032942218
63d393565f8eec52c9f8cfa7fd9475787519c1ecaf4e92ab2092129873756d28
652dca9cf48a53412b2f84436879861472ab3a2c05e71d676a278ae733e2b673
667013651d0feb0de4ae132b8a11cf9d7a5af592012d8bf369d0a350204f4935
6b319d675dbc16c28d1ebe16c92b4a4db931746cc9e07c1da60b155c47aca640
6df7715e38249c975455d129a98e4cf872558887d07b234b15c244d84d7266ce
6e48cde19e8714cd04e1d98092ba953e951b67195d5cafa244e9e73af4aacb2d
7779905b7dceed7387e7fa0a6b4e11792a6af18805f4992be5579e8d19e5d5b6
7a2228df8642649b392e819fe7f6fa20c313c8249c608d6164d0ae56c38d950e
7a8c098b49310c2a8c9d99ff52fd35112c31129c18b62a1d032bc5c202c9bd07
7b1bc6ddf81b9212855c94157645c93be27c8380737f4ee22502220e2f57822d
7b323929cb0e7d962f9a2f7eee5046351455b694aa9ae0ac55bd0ca21d83908a
7d5ed0af859dcab726b80030ef799e393fca264405a9e049180935615f91c000
8105cf9f2bdccdf8dafd1245d0ac1db3d299fd632ccd58ee9186f8fab323cda8
83486ce041bf9d480fac8a50216470ba7d7d9ff189073c24211f3ce5ff8bedae
84d2a22dc30409984e9a92f8901870a9f497b094edf0e01dc984aeca78faa351
879dbffc2a87e1ff6c8041f8fe28c31980eda407c2630a2a4aa954735f1d8311
8b1a5f14c19905e892fe30be4a36bd563722fb7ee69bd0ed308d0dd77aa730a7
8fd75df23a36dc508478535ee809456a101fe36802252d6ebfb586dfaaf4c2d1
904388ad52f3bec71e78a0bd3fc6fd9c9e9aab3e9e7bd117bae3e0884dd10b99
923db1fa199b914c4e69eeff7e3840d0c2dca9e6882ff36be15f92aea31543e9
9529ccf56bddbcc5853e4d5d183b0b1acd1f44fdbf78695a1d66f63cbd7cc5c7
9944672106eb4e10336f5c52f06f2dfc453813d9c3ad08106db60105a259dcfc
9a6596f34ecb155199502407de42ff86995e8af89bed99d3351d5f3f51948e1d
9d51f5fe358ab9b11c8534a4c453c90bc3a7ec3eb078d282428adc2dd8c05373
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
a506050523a84179845c546e54e0ebb87d2b28a47a5ba6bf24d1ae2cb34fdad0
a5242c46514d1c21256372baf1eea3ef75501339645e1c35d3a67ddff8733a53
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
af9a42baeabb75eb4eeb81d111196c4d5b129288f195c9ea8ab17b7344a29152
b2dcbd99068ac3a5f6b4d8f0b1f54c60cd0f21018a5f1881792f6f338f31e7a6
b3a4a21b50fb26de792a839b6033bdaa1a6b778bf154b4b0efa6004e246d6801
bb6fbf675fbcfcfbfd5d06832030ccd3a3ca7ddd2222167026b605bf0b352966
bc55797c4d79f179288d27b6829e57352b1f4f5b356e5aa12a82e51ed6d4a2a5
bf5fc8dc0df8d6639db803f043f6264e714110111046b0309d3aa85e2a7f7d23
c2a66584f338ed2a0fa21f06f5e281ebb9fb6f733f0938493d991d9e8720a1f5
c6da658a4859bd3484401cd58126920dffc8a65160f0862787b4aed92252e1bc
c9770606736a01931ba00be4edea80dea044dcd6b82cd7af5727e383416ed6b1
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cc86a95eb9dcd5122fb083d756ccd3ac6322b92340ca9a5f050baa9087c6415a
cced47df21d06644fc935df098496d100526c94bc7d1ab06738de58ba295b177
ce6fe2ffa78a1d184186d631b7e06e1635f764be4ad183416745c7bffe5237c0
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
e036533145eb3eae246bb09b595175131acbf5b46495bd56a716f470bf7977ef
e1c3cafc060d453424adc8da5338753a9d72b8da5d1722054ca8bbcd341f65d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e44fa6c67c6d46270b57fb853746bfa10bfd5f5d77d54d00be44eee9c9ba87e8
e75ca1e2781289d36236220a50b047dd0283d54ade57d9977182675d2ee07283
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0
f97a65aed5a9842a9b0a66d7e79b1268efd441e9b17498edce22b57c4dac3dae
fdc9964050bfa24c27a3c76c6791b3674292a5f352cbc83d7a4dc49595bc3fb1