Submitted URL: http://vshop.tv/
Effective URL: https://www.bigwin29.com/
Submission: On May 16 via api from US — Scanned from SG

Summary

This website contacted 23 IPs in 3 countries across 13 domains to perform 76 HTTP transactions. The main IP is 13.35.18.46, located in United States and belongs to AMAZON-02, US. The main domain is www.bigwin29.com.
TLS certificate: Issued by Amazon RSA 2048 M03 on February 29th 2024. Valid for: a year.
This is the only time www.bigwin29.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2a02:4780:3:7... 47583 (AS-HOSTINGER)
35 13.35.18.46 16509 (AMAZON-02)
4 2404:6800:400... 15169 (GOOGLE)
1 23.52.40.83 20940 (AKAMAI-ASN1)
5 151.101.129.44 54113 (FASTLY)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 2620:1ec:bdf::59 8075 (MICROSOFT...)
3 108.157.254.118 16509 (AMAZON-02)
4 104.88.70.106 20940 (AKAMAI-ASN1)
2 2001:4860:480... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
2 2404:6800:400... 15169 (GOOGLE)
1 172.217.194.155 15169 (GOOGLE)
1 2 74.125.130.154 15169 (GOOGLE)
1 2 142.251.10.106 15169 (GOOGLE)
1 74.125.68.94 15169 (GOOGLE)
1 157.240.235.1 32934 (FACEBOOK)
2 2a03:2880:f10... 32934 (FACEBOOK)
1 2a04:4e42::300 54113 (FASTLY)
1 141.226.224.32 200478 (TABOOLA-AS)
3 23.96.124.68 8075 (MICROSOFT...)
1 2 20.205.115.81 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
2 141.226.229.48 200478 (TABOOLA-AS)
76 23
Apex Domain
Subdomains
Transfer
38 bigwin29.com
www.bigwin29.com
wwwpl.bigwin29.com
2 MB
9 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 1034
trc.taboola.com — Cisco Umbrella Rank: 748
pips.taboola.com — Cisco Umbrella Rank: 1855
cds.taboola.com — Cisco Umbrella Rank: 2020
trc-events.taboola.com — Cisco Umbrella Rank: 2557
34 KB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 743
s.clarity.ms
c.clarity.ms — Cisco Umbrella Rank: 1385
29 KB
5 livechatinc.com
cdn.livechatinc.com — Cisco Umbrella Rank: 5814
api.livechatinc.com — Cisco Umbrella Rank: 5281
secure.livechatinc.com — Cisco Umbrella Rank: 6588
34 KB
4 google.com
analytics.google.com — Cisco Umbrella Rank: 154
www.google.com — Cisco Umbrella Rank: 2
388 B
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
360 KB
3 google.com.sg
www.google.com.sg — Cisco Umbrella Rank: 13326
626 B
3 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 89
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
2 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 183
75 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 101
306 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
761 B
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
2 KB
1 vshop.tv
vshop.tv
275 B
76 13
Domain Requested by
35 www.bigwin29.com www.bigwin29.com
4 www.googletagmanager.com www.bigwin29.com
www.googletagmanager.com
3 s.clarity.ms www.clarity.ms
3 www.google.com.sg www.bigwin29.com
3 api.livechatinc.com cdn.livechatinc.com
3 wwwpl.bigwin29.com www.bigwin29.com
3 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 cdn.taboola.com www.googletagmanager.com
cdn.taboola.com
2 trc-events.taboola.com cdn.taboola.com
2 c.clarity.ms 1 redirects
2 www.facebook.com www.bigwin29.com
2 www.google.com 1 redirects www.bigwin29.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 trc.taboola.com cdn.taboola.com
2 analytics.google.com www.googletagmanager.com
2 www.clarity.ms www.bigwin29.com
www.clarity.ms
1 c.bing.com 1 redirects
1 secure.livechatinc.com cdn.livechatinc.com
1 cds.taboola.com cdn.taboola.com
1 pips.taboola.com cdn.taboola.com
1 www.googleadservices.com www.googletagmanager.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 cdn.livechatinc.com www.bigwin29.com
1 vshop.tv 1 redirects
76 24

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.tiktok.com
twitter.com
t.me
Subject Issuer Validity Valid
*.bigwin29.com
Amazon RSA 2048 M03
2024-02-29 -
2025-03-30
a year crt.sh
*.google-analytics.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
livechat.com
DigiCert TLS RSA SHA256 2020 CA1
2024-01-31 -
2025-01-31
a year crt.sh
*.taboola.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2023-10-23 -
2024-11-22
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-02-23 -
2024-05-23
3 months crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1
2023-12-07 -
2024-12-07
a year crt.sh
*.google.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.google.com.sg
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
*.googleadservices.com
GTS CA 1C3
2024-04-16 -
2024-07-09
3 months crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 01
2024-01-14 -
2024-06-27
5 months crt.sh

This page contains 2 frames:

Primary Page: https://www.bigwin29.com/
Frame ID: B22D40FC6269BD7DFD211FE5C1D0B5C6
Requests: 89 HTTP requests in this frame

Frame: https://secure.livechatinc.com/customer/action/open_chat?license_id=15229659&group=0&embedded=1&widget_version=3&unique_groups=0
Frame ID: D6880F9ABDDF13A1BC7BBF8ED4B72B00
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

BIGWIN29 Online Games Philippines | PAGCOR Licensed!

Page URL History Show full URLs

  1. http://vshop.tv/ HTTP 307
    https://vshop.tv/ HTTP 301
    https://www.bigwin29.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • cdn\.livechatinc\.com/.*tracking\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Page Statistics

76
Requests

97 %
HTTPS

42 %
IPv6

13
Domains

24
Subdomains

23
IPs

3
Countries

2544 kB
Transfer

4650 kB
Size

24
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vshop.tv/ HTTP 307
    https://vshop.tv/ HTTP 301
    https://www.bigwin29.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 63
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11295569087/?random=1960480659&cv=11&fst=1715836152811&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bigwin29.com%2F&label=w7WFCIGZq_wYEL_pkooq&hn=www.googleadservices.com&frm=0&tiba=BIGWIN29%20Online%20Games%20Philippines%20%7C%20PAGCOR%20Licensed!&value=0&npa=0&pscdl=noapi&auid=1257267222.1715836153&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&eitems=ChAI8LqRsgYQoaS_qvXXjZ84Eh0Ar4sHtd87aOzNPrRbrxNv-fFUKbNAaEJplpYPyg&pscrd=IhMIxYGL47ORhgMVwazYBR23-wKmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs HTTP 302
  • https://www.google.com/pagead/1p-conversion/11295569087/?random=1960480659&cv=11&fst=1715836152811&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bigwin29.com%2F&label=w7WFCIGZq_wYEL_pkooq&hn=www.googleadservices.com&frm=0&tiba=BIGWIN29%20Online%20Games%20Philippines%20%7C%20PAGCOR%20Licensed!&value=0&npa=0&pscdl=noapi&auid=1257267222.1715836153&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIxYGL47ORhgMVwazYBR23-wKmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwB7FLtqz3zWsOJxbEBx5dsa83EGq35f8R8GUQ&eitems=ChAI8LqRsgYQoaS_qvXXjZ84Eh0Ar4sHtUJQqrx41Q4RKEaw788TDA2FXljOJQhYCw&random=401817094 HTTP 302
  • https://www.google.com.sg/pagead/1p-conversion/11295569087/?random=1960480659&cv=11&fst=1715836152811&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bigwin29.com%2F&label=w7WFCIGZq_wYEL_pkooq&hn=www.googleadservices.com&frm=0&tiba=BIGWIN29%20Online%20Games%20Philippines%20%7C%20PAGCOR%20Licensed!&value=0&npa=0&pscdl=noapi&auid=1257267222.1715836153&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIxYGL47ORhgMVwazYBR23-wKmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwB7FLtqz3zWsOJxbEBx5dsa83EGq35f8R8GUQ&eitems=ChAI8LqRsgYQoaS_qvXXjZ84Eh0Ar4sHtUJQqrx41Q4RKEaw788TDA2FXljOJQhYCw&random=401817094&ipr=y
Request Chain 83
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=39082DE4BA0C4FBA89B4109769F85C75&RedC=c.clarity.ms&MXFR=355518896BE0687B3B2B0C086FE066F7 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=39082DE4BA0C4FBA89B4109769F85C75&MUID=3F2C51CE135160111CBA454F125061A1

76 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.bigwin29.com/
Redirect Chain
  • http://vshop.tv/
  • https://vshop.tv/
  • https://www.bigwin29.com/
166 KB
36 KB
Document
General
Full URL
https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
393ab01f929532ddf368a4cfe0727f52180ec17f5aefb04f8053cba8d1f94193
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

age
96722
cache-control
max-age=31536000,public
content-encoding
br
content-type
text/html
date
Wed, 15 May 2024 02:17:11 GMT
etag
W/"7436ada8a6acf503e597e2cee149de72"
last-modified
Wed, 15 May 2024 02:15:03 GMT
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
referrer-policy
no-referrer
server
AmazonS3
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding Origin
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-amz-cf-id
0FDNTgrYBXqiHKf9PRWO4_5w6YqNgO8jAdJFV-fiKyih07836Vo0ng==
x-amz-cf-pop
SIN5-C1
x-cache
Hit from cloudfront
x-content-type-options
nosniff

Redirect headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
795
content-security-policy
upgrade-insecure-requests
content-type
text/html
date
Thu, 16 May 2024 05:09:12 GMT
location
https://www.bigwin29.com/
platform
hostinger
server
LiteSpeed
banner-raffleWinner-D_2TcC5h.webp
www.bigwin29.com/assets/
15 KB
15 KB
Image
General
Full URL
https://www.bigwin29.com/assets/banner-raffleWinner-D_2TcC5h.webp
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
55bf3cf397d1e29fcff544dd08623bd6ef6cc790ee78c0cede257dcd79188a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96733
x-cache
Hit from cloudfront
content-length
15288
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:56 GMT
server
AmazonS3
etag
"bb6b6b5dc53da95e6b10948fedd84e0b"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
Ge6LayoTcP53tNMN0suAwJlTq2U9C8Mvv5tD5e_3NWeRC52kiMwNCA==
promo01-vBf9DWvG.webp
www.bigwin29.com/assets/
58 KB
58 KB
Image
General
Full URL
https://www.bigwin29.com/assets/promo01-vBf9DWvG.webp
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3fc01b339ac79d3c65608a8a279de4ca4c17286bee6704b0f79098f5d90e6685
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96733
x-cache
Hit from cloudfront
content-length
58982
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:58 GMT
server
AmazonS3
etag
"aca3d02affb3593f3f2ca570b78e50d1"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
AeyCwzj6JwMzybwBGVnA33bmnBCHgu3zo_8sJmjr4WR0ogs_lzXcvw==
app-T8T4hJKi.js
www.bigwin29.com/assets/
333 KB
122 KB
Script
General
Full URL
https://www.bigwin29.com/assets/app-T8T4hJKi.js
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cb1c3c88f43fbc18031536d0e714456285019240f892bc3d9536c748660cc863
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:50 GMT
content-encoding
gzip
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
SIN5-C1
age
96683
x-cache
Hit from cloudfront
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:56 GMT
server
AmazonS3
etag
W/"859d0f0e4d7451b99d29e5fa0ca19cfb"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
s6MiTVpjv2KlOdchVIk6I3Fpchvz82nkXjpKaF_Zxzkpy2bK2LCs_w==
vendor-3CDpzM46.js
www.bigwin29.com/assets/
789 KB
246 KB
Script
General
Full URL
https://www.bigwin29.com/assets/vendor-3CDpzM46.js
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fadcfb2754c597eac7b51703fc93e7e6eb4f573591abea0ad157ecc9736f015a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
content-encoding
br
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
SIN5-C1
age
96733
x-cache
Hit from cloudfront
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:59 GMT
server
AmazonS3
etag
W/"7f4b4db8f28504ed7cca49ff73419a8d"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
IZxQr13OfZS_LLK7qALdAIqqeKSnSXCfRToaL3NxvDucsphIfQuKTQ==
vendor-Bn3lPJz-.css
www.bigwin29.com/assets/
5 KB
2 KB
Stylesheet
General
Full URL
https://www.bigwin29.com/assets/vendor-Bn3lPJz-.css
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3cafde88a1676626fe19941e14ee3b55482a573074655b1e816b47b9b831cd8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
content-encoding
br
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
SIN5-C1
age
96733
x-cache
Hit from cloudfront
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:59 GMT
server
AmazonS3
etag
W/"d9e48303910cf32a59be47d151ad0586"
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
GWKBtddbOD_Z86FDbEwIL0m-Vp_UjWvW2uzOtc9FeFEbSqSG7VSQaA==
app-DAz0ydXK.css
www.bigwin29.com/assets/
90 KB
20 KB
Stylesheet
General
Full URL
https://www.bigwin29.com/assets/app-DAz0ydXK.css
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
700cff99fdc2ebd95a59936c1f2f943263b43a86195ac682cfa31b4c8ed0f108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:50 GMT
content-encoding
gzip
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
SIN5-C1
age
96683
x-cache
Hit from cloudfront
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:56 GMT
server
AmazonS3
etag
W/"a1082930da86cf12b2df29c028de6c69"
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
-7cCHbt0B3NNguyDns5nbVHkQVCsuIa0ZAp4i2ZSzGGgheuLJoK09A==
logo-dScj_OUV.webp
www.bigwin29.com/assets/
18 KB
18 KB
Image
General
Full URL
https://www.bigwin29.com/assets/logo-dScj_OUV.webp
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7071f78d2c3fcab69c92737d5b986bd010260bb51cca763f5828ed44caf5f740
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:50 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96683
x-cache
Hit from cloudfront
content-length
17952
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:58 GMT
server
AmazonS3
etag
"271178bc172824ead9cfa52826699603"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
umIB2E4x8Rjk7etBsaXya1Gl2HpSodlt65cvZcfP9LOPTc4xTmYGTg==
JILI.png
www.bigwin29.com/image/platform/RWBG/JILI/
17 KB
17 KB
Image
General
Full URL
https://www.bigwin29.com/image/platform/RWBG/JILI/JILI.png?
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8a83e40f3b979a32096b3b7c33b0167c474167e422ab724c3ed158129dc1a369
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96733
x-cache
Hit from cloudfront
content-length
16976
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:14:34 GMT
server
AmazonS3
etag
"70a8794799ff189e8b2ba65bf2960d45"
vary
Origin
content-type
image/png
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
nmhpu-IPOik4u7_An3K6wFOBAPLz0BCvPMH0rIg-l6rUyAi_XnQGEQ==
JDB.png
www.bigwin29.com/image/platform/RWBG/JDB/
6 KB
7 KB
Image
General
Full URL
https://www.bigwin29.com/image/platform/RWBG/JDB/JDB.png?
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3112fc0e8cdbac9dacce68ec6b29d6a5af6e3a64d16c4b14650a796ff4ff480b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96733
x-cache
Hit from cloudfront
content-length
6519
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:14:34 GMT
server
AmazonS3
etag
"3ba152e03aae84ffe53283e1796952a1"
vary
Origin
content-type
image/png
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
sSOyDlsylxT8S0k99jjtMrSKyyMbXHtKqsvk8r0waqJtg33CkanijA==
EVOLUTION.png
www.bigwin29.com/image/platform/RWBG/EVOLUTION/
12 KB
13 KB
Image
General
Full URL
https://www.bigwin29.com/image/platform/RWBG/EVOLUTION/EVOLUTION.png?
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3faf53dd84e59b4a859c3852ca41e2ee9d2dd73a6be332f7fdef5b3ad79df385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96733
x-cache
Hit from cloudfront
content-length
12515
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:14:33 GMT
server
AmazonS3
etag
"24a63e47ccc760b0a4d4cf41e41bed53"
vary
Origin
content-type
image/png
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
ZPWbJjyiWNrHLUHr-3PXF2wTXVDOyr14kp-etdOOY9Utk62BiO2euQ==
banner-branchphoto-D0eKcmCQ.webp
www.bigwin29.com/assets/
18 KB
18 KB
Image
General
Full URL
https://www.bigwin29.com/assets/banner-branchphoto-D0eKcmCQ.webp
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
86524c361bdae7aef35d739c8b87955fb594bacb467cefea6a9037ed49bd2c20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96732
x-cache
Hit from cloudfront
content-length
18092
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:56 GMT
server
AmazonS3
etag
"4957e0edcd037235b8f3050b0d022ac4"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
O2KEfrNwmv55oJiFRd1J6S-vDz20PYElx3flx6Zw9RDxqDLiS61oig==
img-Pagcor-B5fmkakl.webp
www.bigwin29.com/assets/
18 KB
18 KB
Image
General
Full URL
https://www.bigwin29.com/assets/img-Pagcor-B5fmkakl.webp
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
833ae58f14adbf1e7f1dd7c5f41d96a0fd6e926699f0df42f434251a22d22217
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96732
x-cache
Hit from cloudfront
content-length
18188
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:57 GMT
server
AmazonS3
etag
"4dc911834de207f88168f93357069ded"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
jyli5g0Fi-SCSxY9k4KttWHNg7oMQo7-4xRDitxXcXQm4RZPR5nwpQ==
loading-DVIU6iaf.webp
www.bigwin29.com/assets/
359 KB
359 KB
Image
General
Full URL
https://www.bigwin29.com/assets/loading-DVIU6iaf.webp
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
01a5bdc925019d49168bd632c7ee0a582574a97465924bdfd98ffacf165db173
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96732
x-cache
Hit from cloudfront
content-length
367164
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:58 GMT
server
AmazonS3
etag
"aba7afc858121910246c3edacd11765e"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
H6m1dd6AAyHVpJzbCzPq2v0pk72zX_TSTIjOpkXATbL1kW5nj7qpag==
logo-pagcor-dark-BEKsnVz5.webp
www.bigwin29.com/assets/
9 KB
10 KB
Image
General
Full URL
https://www.bigwin29.com/assets/logo-pagcor-dark-BEKsnVz5.webp
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c119301cc267f7cfc94a5b775d557021e05cc469417e3cb77a8c94b7219a7c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:27:08 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96125
x-cache
Hit from cloudfront
content-length
9180
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:58 GMT
server
AmazonS3
etag
"caa13c6fd1bf45647b2b6dc2ba84aeb7"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
KB19Hl3t28vP4gifHAoBGyJHYWZZeCWFiL7jhKsnijmG7dbIbAlbyg==
img-agelimit-Cvcj7Guk.webp
www.bigwin29.com/assets/
12 KB
13 KB
Image
General
Full URL
https://www.bigwin29.com/assets/img-agelimit-Cvcj7Guk.webp
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dde0cd1af40948d5992cf13de7ef60641e293ab15d8bb5c87018a31b124f8aaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:01 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96732
x-cache
Hit from cloudfront
content-length
12474
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:57 GMT
server
AmazonS3
etag
"acf9813a745af0d2ff38661525c9d887"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
u-5T_BoVYmie1huG1aQAg1bYn4QYOH3KT97G9TvmW31uCLKrnMhzaQ==
gtm.js
www.googletagmanager.com/
262 KB
92 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5KGV7NL2
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
83ccdcebc2c88b499f0d424430a8670900e32c0d035da769f103fc1383043764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:09:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
94266
x-xss-protection
0
last-modified
Thu, 16 May 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 May 2024 05:09:12 GMT
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
truncated
/
698 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cbce567cf047fe5bcf42f225d88cbd8484206dbc80a0cac08700a9768063ba1

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fef6d72a448aa5e69f8b202f27141474d90244f2874090542edeabbeed29c27b

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
tracking.js
cdn.livechatinc.com/
90 KB
28 KB
Script
General
Full URL
https://cdn.livechatinc.com/tracking.js
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.52.40.83 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-52-40-83.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fc52bf6d802e099e32186c6962f7282a176273ed7d9d42ca67e50087ab79b234

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
6RmlXI5grAnm9B8Dw2FD4ulv865UDxIF
content-encoding
br
date
Thu, 16 May 2024 05:09:12 GMT
x-amz-cf-pop
SIN2-P1
x-amz-server-side-encryption
AES256
cross-origin-resource-policy
cross-origin
content-length
27783
last-modified
Wed, 15 May 2024 11:40:15 GMT
server
AmazonS3
etag
W/"07b68f78108c0dd3e052c3296ac713cf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=28800
x-amz-cf-id
8y_a4LcGO3ZFIpEQn1ciJ4HwfBrm-2JkryrRmHQUUDMROOtj4aJUtg==
expires
Thu, 16 May 2024 13:09:12 GMT
vendor-Bn3lPJz-.css
www.bigwin29.com/assets/
5 KB
530 B
Stylesheet
General
Full URL
https://www.bigwin29.com/assets/vendor-Bn3lPJz-.css
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3cafde88a1676626fe19941e14ee3b55482a573074655b1e816b47b9b831cd8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
SIN5-C1
age
96733
x-cache
Hit from cloudfront
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:59 GMT
server
AmazonS3
etag
W/"d9e48303910cf32a59be47d151ad0586"
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
kWecu7UWREHPJhPocv6cr-PmwpA2iQ4IApJP2_n68NfsQp6TiliZ3g==
bg-main-DB8mGKGv.jpg
www.bigwin29.com/assets/
90 KB
91 KB
Image
General
Full URL
https://www.bigwin29.com/assets/bg-main-DB8mGKGv.jpg
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7d62eb319382fa907e224a8cc9e873efcb9f9e0cc9226eb21186dbe15b5affe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.bigwin29.com/
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:41 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96692
x-cache
Hit from cloudfront
content-length
92560
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:57 GMT
server
AmazonS3
etag
"691ca7f40aaaaa591698f1d0ff1830f7"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
Nfa1Dq1RxlKPjA-qg2ZsBRxFMRUxdRN97vEtJ__r_QjCGPPoJzCm5Q==
KFOmCnqEu92Fr1Mu4mxK-mTIRXP6Y.woff2
www.bigwin29.com/assets/
15 KB
16 KB
Font
General
Full URL
https://www.bigwin29.com/assets/KFOmCnqEu92Fr1Mu4mxK-mTIRXP6Y.woff2
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.bigwin29.com/
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:01 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96732
x-cache
Hit from cloudfront
content-length
15744
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:56 GMT
server
AmazonS3
etag
"15d9f621c3bd1599f0169dcf0bd5e63e"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
B3UcuUzIsjqe6YKq5qhsW9888XejpQ5oUtDhr1B9IgnfbbdzK1hMmg==
KFOlCnqEu92Fr1MmEU9fBBc4-Dxdx3aXO.woff2
www.bigwin29.com/assets/
16 KB
16 KB
Font
General
Full URL
https://www.bigwin29.com/assets/KFOlCnqEu92Fr1MmEU9fBBc4-Dxdx3aXO.woff2
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.bigwin29.com/
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:01 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96732
x-cache
Hit from cloudfront
content-length
15920
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:55 GMT
server
AmazonS3
etag
"3a44e06eb954b96aa043227f3534189d"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
IK-ys6r063E-XmiCZqWZFWWeDvZsV08ZTChH6Oq6Ut5ZiHPI70G8QQ==
KFOlCnqEu92Fr1MmWUlfBBc4-CeM5gOv8.woff2
www.bigwin29.com/assets/
15 KB
16 KB
Font
General
Full URL
https://www.bigwin29.com/assets/KFOlCnqEu92Fr1MmWUlfBBc4-CeM5gOv8.woff2
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.bigwin29.com/
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:01 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96732
x-cache
Hit from cloudfront
content-length
15860
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:56 GMT
server
AmazonS3
etag
"e9f5aaf547f165386cd313b995dddd8e"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
NrcWv-ZsXHMZpxRW-iDIwacNLn5_8kJG5aLrIDLtUh3KEqZL6GRenw==
KFOmCnqEu92Fr1Mu7GxKOzY-4bLplyDh.woff2
www.bigwin29.com/assets/
12 KB
12 KB
Font
General
Full URL
https://www.bigwin29.com/assets/KFOmCnqEu92Fr1Mu7GxKOzY-4bLplyDh.woff2
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://www.bigwin29.com/
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:01 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96732
x-cache
Hit from cloudfront
content-length
11872
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:56 GMT
server
AmazonS3
etag
"87ace20058325aa069320aa4af875dff"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
STg6nwd44qJMV3UsJOFoHm1QO6ltiaE0C56xn1TMtBruptt8tb9EaA==
app-DAz0ydXK.css
www.bigwin29.com/assets/
90 KB
531 B
Stylesheet
General
Full URL
https://www.bigwin29.com/assets/app-DAz0ydXK.css
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
700cff99fdc2ebd95a59936c1f2f943263b43a86195ac682cfa31b4c8ed0f108
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:50 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
SIN5-C1
age
96683
x-cache
Hit from cloudfront
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:56 GMT
server
AmazonS3
etag
W/"a1082930da86cf12b2df29c028de6c69"
vary
Accept-Encoding, Origin
content-type
text/css
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
yfYwWGyK3Dvr1INCat-zIDQTYWneut15IaxxzJtFCHVfn4N8Fhd_Qg==
truncated
/
264 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dab4ffc61f26615ba14875a7d00254a040ae9bea31f3a8c992a412f3a158290d

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
262 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
988885fd1d052eb2ef98ddf1da2b8d4d80b61e956f3bcdf68884f552a01d271a

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
2 KB
2 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

Referer
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
js
www.googletagmanager.com/gtag/
312 KB
103 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-RNFRTDEC1J&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KGV7NL2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
930b17ffee8097cc723b71f2e4d0ec797785d04d6c16ab21be2d0c6b3d9a13fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:09:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105456
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 16 May 2024 05:09:12 GMT
js
www.googletagmanager.com/gtag/
229 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-11295569087&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KGV7NL2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a0010c8a7cf3de78dd1f9e97f72c9decf434350be28ab06d82e85c5d508f3c1c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:09:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84058
x-xss-protection
0
last-modified
Thu, 16 May 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 May 2024 05:09:12 GMT
destination
www.googletagmanager.com/gtag/
229 KB
82 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-11295569087&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KGV7NL2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1a::61 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7ad368514cfe72b9341ae57b8f03d6ff23d8d1886a5dc39c87144b3eb04d3aed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:09:12 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
84091
x-xss-protection
0
last-modified
Thu, 16 May 2024 03:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 May 2024 05:09:12 GMT
tfa.js
cdn.taboola.com/libtrc/unip/1644164/
69 KB
21 KB
Script
General
Full URL
https://cdn.taboola.com/libtrc/unip/1644164/tfa.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KGV7NL2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ceaaf2250628d6f224071ab6462f84d6340ce4838316e9c38785c2b6558dccb0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Wjj78kMHLmmKuVpq.Vc9U9fcURR1SafY
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 May 2024 05:09:12 GMT
x-amz-request-id
2HCA5K836JHRADYA
age
25
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
21508
x-amz-id-2
5FFcNqZGNLvklmAKAkS98WKJRcdJVb/mG1DNkZBSZxffX7Hkv639YK45RegRjlkE2a1WCBdSQOA=
x-served-by
cache-qpg120095-QPG
last-modified
Sun, 12 May 2024 11:03:09 GMT
server
AmazonS3
x-timer
S1715836152.394804,VS0,VE2
etag
"e154ce30f96bd55e7cd9819c0c9d0a37"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
68
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
1
fbevents.js
connect.facebook.net/en_US/
218 KB
59 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5KGV7NL2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 16 May 2024 05:09:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57845
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=3, rtx=0, c=12, mss=1294, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
lsfYTOXtJavlUUlSMbO71LeEu0aLz7x5q9WVRCGn0h6R64ql0c6IdKmqKnfRfWSzgBRHRX97tEMk5nwBSgILVA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
luts0x7z3l
www.clarity.ms/tag/
637 B
1002 B
Script
General
Full URL
https://www.clarity.ms/tag/luts0x7z3l?ref=gtm2
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9b81f35f6e4980ca730cab9bfa0ef1abe84700ab7fd8ce857b530e872bc699a6

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

expires
-1
date
Thu, 16 May 2024 05:09:12 GMT
x-azure-ref
20240516T050912Z-r1bf84cbd79wbdwk1e8ev8qhrc00000000rg00000000z460
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
637
request-context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
lifecycle-Bl6T7oex.js
www.bigwin29.com/assets/
3 KB
2 KB
Script
General
Full URL
https://www.bigwin29.com/assets/lifecycle-Bl6T7oex.js
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/assets/app-T8T4hJKi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8f126e045506277eff931c4058fef9ce9a4e9e7c8d9b354235dee4e01922d34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:03 GMT
content-encoding
br
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
SIN5-C1
age
96730
x-cache
Hit from cloudfront
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:58 GMT
server
AmazonS3
etag
W/"a56ce248fb343068ad3666f8b75708b3"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
iKwFuOk62ZoJFmc92B-1S9mgB82yOCCkWUtWavFlw5GVgL4JJWWaiQ==
truncated
/
42 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
info
wwwpl.bigwin29.com/player/app/
192 B
794 B
XHR
General
Full URL
https://wwwpl.bigwin29.com/player/app/info
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/assets/vendor-3CDpzM46.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.254.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-254-118.sin2.r.cloudfront.net
Software
/
Resource Hash
e95237b38a32d087dff4366150e975440d48243f8fffe7fa3140037fe9634ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; node=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:09:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 166ec48f4a102162fe7c4564d0e4d344.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P3
x-cache
Miss from cloudfront
content-length
192
x-xss-protection
1; node=block
referrer-policy
no-referrer
server
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bigwin29.com
access-control-expose-headers
VERSION
access-control-max-age
7200
access-control-allow-credentials
true
access-control-allow-headers
Authorization,content-type
x-amz-cf-id
SsXZjXUiCq_7VK_SEy5rjVjQDKyMb8ybVm9mykiUt7tpefVKv72okQ==
version
1715832575
maintain-CYJpHQJo.webp
www.bigwin29.com/assets/
4 KB
5 KB
Image
General
Full URL
https://www.bigwin29.com/assets/maintain-CYJpHQJo.webp
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c1b0d3f82792bf511b6316c7421057a4bd8e640969c3f71815a79bfa7a4725e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96733
x-cache
Hit from cloudfront
content-length
4484
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:58 GMT
server
AmazonS3
etag
"b3f29347f7217c123bb19c197c6cd68e"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
T9tzPlV3mAzycN5_21g18iiKIl5AlSvw13VkwB3_NiXcZrUoPtUY4Q==
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2ca8b3346460f4b4245be31e120d5e62c3da531fc281b6190ea2e9ef5871fec4

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a2919ed1bd9f7c1fd93a7462937a769d3ad7cc160954ba4be7ca6e07d411c65

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
undefined
www.bigwin29.com/image/gameIcon/RWBG/
166 KB
166 KB
Image
General
Full URL
https://www.bigwin29.com/image/gameIcon/RWBG/undefined
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:00 GMT
content-encoding
br
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
SIN5-C1
age
96733
x-cache
Error from cloudfront
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:15:03 GMT
server
AmazonS3
etag
W/"7436ada8a6acf503e597e2cee149de72"
vary
Accept-Encoding, Origin
content-type
text/html
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
4KrhyUL1dyPRUoRn5Z7yAGEjeWJUS3IRKISrQDzp169c_ReXlA5gPQ==
NLC.png
www.bigwin29.com/image/platform/RWBG/NLC/
6 KB
6 KB
Image
General
Full URL
https://www.bigwin29.com/image/platform/RWBG/NLC/NLC.png?
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0863ae8d37fecd482a9727d31c306a8bced4b3423833c1bc0fd8f9a1486115fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:03 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96730
x-cache
Hit from cloudfront
content-length
5840
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:14:34 GMT
server
AmazonS3
etag
"3cbe3f06d05ade41a7a39217bb5301fe"
vary
Origin
content-type
image/png
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
9-d_3gOxZazcvCtdN6B5o7pTYzWQMWgxFsXMEyT5-DGlvk4vQus9NA==
RT.png
www.bigwin29.com/image/platform/RWBG/RT/
15 KB
16 KB
Image
General
Full URL
https://www.bigwin29.com/image/platform/RWBG/RT/RT.png?
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1dec54ee99c28ca55ea59ffa3aa74718176e991fd21a9d9192e437aa62d3fd77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:03 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96730
x-cache
Hit from cloudfront
content-length
15578
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:14:34 GMT
server
AmazonS3
etag
"abf6f07fc1c2fea81502a227754e41c1"
vary
Origin
content-type
image/png
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
kNKbTMgIBV_vtmDWubnTRopx-1_61J7z_nKl0EjCTN2VA0bxqkuoiQ==
NETENT.png
www.bigwin29.com/image/platform/RWBG/NETENT/
9 KB
10 KB
Image
General
Full URL
https://www.bigwin29.com/image/platform/RWBG/NETENT/NETENT.png?
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06e11de366bf0d09d714b3578aae991885b51401b6aa749efcd597eee2d4017e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:03 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96730
x-cache
Hit from cloudfront
content-length
9376
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:14:34 GMT
server
AmazonS3
etag
"64261c9b715c263570b2cafae1d4a1bb"
vary
Origin
content-type
image/png
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
6DOgwFif24LhDGl-ih5MY9SSYkxHOkRAcS8mjwrpKZvO-bzFYeHizw==
homepage
wwwpl.bigwin29.com/player/landing/
192 B
792 B
XHR
General
Full URL
https://wwwpl.bigwin29.com/player/landing/homepage
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/assets/vendor-3CDpzM46.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.254.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-254-118.sin2.r.cloudfront.net
Software
/
Resource Hash
e95237b38a32d087dff4366150e975440d48243f8fffe7fa3140037fe9634ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; node=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:09:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 166ec48f4a102162fe7c4564d0e4d344.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P3
x-cache
Miss from cloudfront
content-length
192
x-xss-protection
1; node=block
referrer-policy
no-referrer
server
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bigwin29.com
access-control-expose-headers
VERSION
access-control-max-age
7200
access-control-allow-credentials
true
access-control-allow-headers
Authorization,content-type
x-amz-cf-id
rx1YOA7YMbM-0P7F1rfPz2Y-pzV4hwUxV_RW1HYWVhKYeT2WyydUcQ==
version
1715832575
gameCategory
wwwpl.bigwin29.com/player/landing/
192 B
792 B
XHR
General
Full URL
https://wwwpl.bigwin29.com/player/landing/gameCategory
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/assets/vendor-3CDpzM46.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.254.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-254-118.sin2.r.cloudfront.net
Software
/
Resource Hash
e95237b38a32d087dff4366150e975440d48243f8fffe7fa3140037fe9634ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; node=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/json, text/plain, */*
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:09:12 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 166ec48f4a102162fe7c4564d0e4d344.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P3
x-cache
Miss from cloudfront
content-length
192
x-xss-protection
1; node=block
referrer-policy
no-referrer
server
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.bigwin29.com
access-control-expose-headers
VERSION
access-control-max-age
7200
access-control-allow-credentials
true
access-control-allow-headers
Authorization,content-type
x-amz-cf-id
TCCoSaDrufbCFR-bhkFyx0zTf5sx87TJJdO-q6d3ecXy98SS_6QBrQ==
version
1715832575
get_dynamic_configuration
api.livechatinc.com/v3.6/customer/action/
386 B
536 B
Script
General
Full URL
https://api.livechatinc.com/v3.6/customer/action/get_dynamic_configuration?license_id=15229659&client_id=c5e4f61e1a6c3b1521b541bc5c5a2ac5&url=https%3A%2F%2Fwww.bigwin29.com%2F&channel_type=code&implementation_type=potentially_gtm&jsonp=__zplmypaz10a
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.88.70.106 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-88-70-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
da628e2c25c43f638e4c65e95d9e90885bca73ed8133822132cdcf4159c0f5fc
Security Headers
Name Value
Content-Security-Policy frame-ancestors ;
X-Frame-Options allow-from

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
frame-ancestors ;
date
Thu, 16 May 2024 05:09:12 GMT
content-length
386
vary
Accept-Encoding
x-frame-options
allow-from
content-type
application/javascript; charset=UTF-8
promo13-lRje3YsZ.webp
www.bigwin29.com/assets/
35 KB
35 KB
Image
General
Full URL
https://www.bigwin29.com/assets/promo13-lRje3YsZ.webp
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff5270506359dca887b702d38c99b0aba2a88f7c75b0e7a701c2612b5a59475e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:04 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96729
x-cache
Hit from cloudfront
content-length
35426
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:58 GMT
server
AmazonS3
etag
"61f2fd3da6136192c68770c1e8309343"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
aDBkEi1plT2AaqseFKL-dSWZfree609oFzSJSeCYbXaGphRNqXTWWg==
Forbidden-7nK15d_9.js
www.bigwin29.com/assets/
1 KB
1 KB
Script
General
Full URL
https://www.bigwin29.com/assets/Forbidden-7nK15d_9.js
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/assets/app-T8T4hJKi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
736c8927bfa9cf33239276b13e70d6babb41b7d962f489f8bace864f321ce380
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Origin
https://www.bigwin29.com
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 04:13:41 GMT
content-encoding
br
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-amz-cf-pop
SIN5-C1
age
89732
x-cache
Hit from cloudfront
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:55 GMT
server
AmazonS3
etag
W/"6c88c298e4316c7521d317ada4c51356"
vary
Accept-Encoding, Origin
content-type
application/javascript
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
0dNwdiT0effJCkAH6Po-quWg98rViE0s6OyZOrKXLsejrGc3BT8UdQ==
Forbidden-eM_xsaZK.css
www.bigwin29.com/assets/
462 B
1007 B
Stylesheet
General
Full URL
https://www.bigwin29.com/assets/Forbidden-eM_xsaZK.css
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/assets/app-T8T4hJKi.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
63341649123a0d3f36b192e5c0c5a5561ecbfbfcdaf13f8e0c5af6c01fde09be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 04:13:41 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
89732
x-cache
Hit from cloudfront
content-length
462
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:55 GMT
server
AmazonS3
etag
"38639cd059c9c46632932dea6d5b4cf8"
vary
Origin
content-type
text/css
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
zVfh6C8lmQRQLFPZQQjB-7dPW9yWQRFlyXP-ysxgKHk2xkPAoWdzCg==
collect
analytics.google.com/g/
0
255 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RNFRTDEC1J&gtm=45je45f0v9169527884z89165925874za200&_p=1715836152189&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&cid=707086026.1715836153&ecid=288200226&ul=zh-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_s=1&sid=1715836152&sct=1&seg=0&dl=https%3A%2F%2Fwww.bigwin29.com%2F&dt=BIGWIN29%20Online%20Games%20Philippines%20%7C%20PAGCOR%20Licensed!&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=752
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RNFRTDEC1J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bigwin29.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/
0
255 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-RNFRTDEC1J&cid=707086026.1715836153&gtm=45je45f0v9169527884z89165925874za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RNFRTDEC1J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c1c::9a Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:12 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bigwin29.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com.sg/ads/
42 B
408 B
Image
General
Full URL
https://www.google.com.sg/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-RNFRTDEC1J&cid=707086026.1715836153&gtm=45je45f0v9169527884z89165925874za200&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&z=1067523593
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:12 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
trc.taboola.com/1644164/trc/3/
3 KB
2 KB
Script
General
Full URL
https://trc.taboola.com/1644164/trc/3/json?tim=1715836152791&data=%7B%22id%22%3A467%2C%22ii%22%3A%22%2F%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1715836152780%2C%22cv%22%3A%2220240512-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.bigwin29.com%2F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dvisayagames-usd-network%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1715836152789%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.bigwin29.com%2F%22%2C%22tos%22%3A6%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1644164/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
932712ac26c595ad5db7c5ab0b05ede4782f17620b6becb2c0734cea309b9bf2

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
18
date
Thu, 16 May 2024 05:09:12 GMT
content-encoding
gzip
via
1.1 varnish
cpu
0.2621875
x-fastly-to-nlb-rtt
1851
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v2
x-served-by
cache-qpg120095-QPG
x-log-content-encoding
gzip
server
nginx
x-timer
S1715836153.799924,VS0,VE18
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
/
www.googleadservices.com/pagead/conversion/11295569087/
3 KB
2 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion/11295569087/?random=1715836152811&cv=11&fst=1715836152811&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bigwin29.com%2F&label=w7WFCIGZq_wYEL_pkooq&hn=www.googleadservices.com&frm=0&tiba=BIGWIN29%20Online%20Games%20Philippines%20%7C%20PAGCOR%20Licensed!&value=0&bttype=purchase&npa=0&pscdl=noapi&auid=1257267222.1715836153&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-11295569087&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.194.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f155.1e100.net
Software
cafe /
Resource Hash
2e77ce87c1187a00bad1362db833c414d27c2187aaa2479dad08117a9bf6dab3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1592
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
343114168543404
connect.facebook.net/signals/config/
57 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/343114168543404?v=2.9.156&r=stable&domain=www.bigwin29.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f00c:300:face:b00c:0:3 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
1fc44f80e02af37a76dc52f29dca158fb9e64f63c24377e3b39236fe11d81477
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 16 May 2024 05:09:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
12255
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=43, mss=1294, tbw=63335, tp=-1, tpl=-1, uplat=2, ullat=-1
pragma
public
x-fb-debug
eTnBeuZSCfjWj+QhmwXURaTcYGafTg9DHes9zoMuyt9bB6KalDAWrEcUvvYF9u2crAp78gPl6FGqoVw8QQ0vVg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/11295569087/
3 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11295569087/?random=1715836152879&cv=11&fst=1715836152879&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bigwin29.com%2F&hn=www.googleadservices.com&frm=0&tiba=BIGWIN29%20Online%20Games%20Philippines%20%7C%20PAGCOR%20Licensed!&npa=0&pscdl=noapi&auid=1257267222.1715836153&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-11295569087&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.130.154 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f154.1e100.net
Software
cafe /
Resource Hash
86be343aa2094f8f016ce7b6bbc3a32b832046bc2a86a2a1e8ab5f6bb2e53266
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:12 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1462
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
unip
trc.taboola.com/1644164/log/3/
0
719 B
XHR
General
Full URL
https://trc.taboola.com/1644164/log/3/unip?en=signup&tim=1715836152795&vi=1715836152780&ri=2d2369808a8d4345b3be955ff010df8d&sd=v2_550d268084aae59e0616702697d8e316_4d47ce30-06f3-4959-80bb-d1609de4db69-tuctd3f1a78_1715836152_1715836152_CNawjgYQhK1kGMzXt_73MSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaJ7L1YHN5NSY8gFwAQ&ui=4d47ce30-06f3-4959-80bb-d1609de4db69-tuctd3f1a78&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fwww.bigwin29.com%2F&tos=134&ssd=1&scd=0
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1644164/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-vcl-time-ms
3
date
Thu, 16 May 2024 05:09:12 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
1666
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-qpg120095-QPG
pragma
no-cache
server
nginx
x-timer
S1715836153.923238,VS0,VE3
content-type
image/gif
access-control-allow-origin
https://www.bigwin29.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
cds-pips.js
cdn.taboola.com/scripts/
3 KB
2 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1644164/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 May 2024 05:09:12 GMT
x-amz-request-id
C5HZY4KNRHGPDF4R
age
1906
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1347
x-amz-id-2
cajX2vgvUsMpH4SgR1Wjmuxc4QhD4N8KUH5GI47BXwcO606jT6pmn232RKxVbfgakTOitIb7mow=
x-served-by
cache-qpg120095-QPG
last-modified
Sun, 29 Oct 2023 14:06:32 GMT
server
AmazonS3
x-timer
S1715836153.923193,VS0,VE0
etag
"c52aa1ea682aef8ad5ebf7aff9662e35"
vary
Accept-Encoding
content-type
application/javascript
abp
20
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
8398
eid.es5.js
cdn.taboola.com/scripts/
17 KB
7 KB
Script
General
Full URL
https://cdn.taboola.com/scripts/eid.es5.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1644164/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
Bqo64Ai0BniIkPPSnUb8_cZLJGu.sClo
content-encoding
gzip
via
1.1 varnish
date
Thu, 16 May 2024 05:09:12 GMT
x-amz-request-id
Y7D436P9DZH374V5
age
27609
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
6467
x-amz-id-2
RUYkzM5GpJ1KS2v7xA+0m68oPpV7+ogt1NaA+n6CMT8GXxeu6H3NsRbedhFOK6tY8RoEZwqzESo=
x-served-by
cache-qpg120095-QPG
last-modified
Sun, 02 Apr 2023 13:09:57 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1715836153.923868,VS0,VE0
etag
"2fdf3e79d5e851201a0d52a886453d8b"
vary
Accept-Encoding
content-type
application/javascript
abp
95
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
8466180
icon-error-NQetCyCP.webp
www.bigwin29.com/assets/
86 KB
87 KB
Image
General
Full URL
https://www.bigwin29.com/assets/icon-error-NQetCyCP.webp
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0c52bafe357f217eb9930290a78cea57111ba34197099332255eaa6c5e663831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 04:13:41 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
89732
x-cache
Hit from cloudfront
content-length
88540
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:57 GMT
server
AmazonS3
etag
"6973aa6c84ca676e3780214aa1bec160"
vary
Origin
content-type
binary/octet-stream
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
MlbxmXsCnJ5kufzcmwCbZvoCY6XnGYeKF7YAWw72osf_yxNv16sQqQ==
/
www.google.com.sg/pagead/1p-conversion/11295569087/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/11295569087/?random=1960480659&cv=11&fst=1715836152811&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za201&gcd=13l3l3...
  • https://www.google.com/pagead/1p-conversion/11295569087/?random=1960480659&cv=11&fst=1715836152811&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u...
  • https://www.google.com.sg/pagead/1p-conversion/11295569087/?random=1960480659&cv=11&fst=1715836152811&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za201&gcd=13l3l3l3l1&dma=0&u_w=160...
42 B
64 B
Image
General
Full URL
https://www.google.com.sg/pagead/1p-conversion/11295569087/?random=1960480659&cv=11&fst=1715836152811&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bigwin29.com%2F&label=w7WFCIGZq_wYEL_pkooq&hn=www.googleadservices.com&frm=0&tiba=BIGWIN29%20Online%20Games%20Philippines%20%7C%20PAGCOR%20Licensed!&value=0&npa=0&pscdl=noapi&auid=1257267222.1715836153&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIxYGL47ORhgMVwazYBR23-wKmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwB7FLtqz3zWsOJxbEBx5dsa83EGq35f8R8GUQ&eitems=ChAI8LqRsgYQoaS_qvXXjZ84Eh0Ar4sHtUJQqrx41Q4RKEaw788TDA2FXljOJQhYCw&random=401817094&ipr=y
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Protocol
H3
Server
74.125.68.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sc-in-f94.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.com.sg/pagead/1p-conversion/11295569087/?random=1960480659&cv=11&fst=1715836152811&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za201&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bigwin29.com%2F&label=w7WFCIGZq_wYEL_pkooq&hn=www.googleadservices.com&frm=0&tiba=BIGWIN29%20Online%20Games%20Philippines%20%7C%20PAGCOR%20Licensed!&value=0&npa=0&pscdl=noapi&auid=1257267222.1715836153&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&fmt=3&ct_cookie_present=false&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIxYGL47ORhgMVwazYBR23-wKmMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs&is_vtc=1&cid=CAQSGwB7FLtqz3zWsOJxbEBx5dsa83EGq35f8R8GUQ&eitems=ChAI8LqRsgYQoaS_qvXXjZ84Eh0Ar4sHtUJQqrx41Q4RKEaw788TDA2FXljOJQhYCw&random=401817094&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bg-forbidden-FO0p4Oh9.jpg
www.bigwin29.com/assets/
531 KB
532 KB
Image
General
Full URL
https://www.bigwin29.com/assets/bg-forbidden-FO0p4Oh9.jpg
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/assets/app-DAz0ydXK.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
100f32f5b89dc73921d3d7f689877d2940ed8ad5e71f437a88a8d42ea2a47f5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:27:08 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96125
x-cache
Hit from cloudfront
content-length
543832
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:57 GMT
server
AmazonS3
etag
"6e3bd461e84c057ebd47bdcf0b78de4c"
vary
Origin
content-type
image/jpeg
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
Pa-BnpzLJbdlm01FCt6wquk6Bd_6Ti7og_yLLob1cJhEB0BCrGUMbA==
1749362995544709
connect.facebook.net/signals/config/
21 KB
3 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1749362995544709?v=2.9.156&r=stable&domain=www.bigwin29.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.235.1 Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-04-sin6.fbcdn.net
Software
/
Resource Hash
7923bd12a0b25dde826bef82161c8bc96613723f5d515732d23bbc5e3f54ea06
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Thu, 16 May 2024 05:09:12 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3133
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=3, rtx=0, c=23, mss=1232, tbw=4606, tp=11, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
J6oZ7pflbWxoOlSHKVBVfuDddAKHOuM4mVSvCXUgRRCFkhf3H0i7yxVy5+gcMLD2uz+52w9uBQ81e3DCZgLwWA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=343114168543404&ev=PageView&dl=https%3A%2F%2Fwww.bigwin29.com%2Fforbidden%3Fstatus%3D1029%26desc%3DYour%2520IP%2520address%2520is%2520not%2520allowed.%2520Kindly%2520inform%2520customer%2520service%2520for%2520assistance.&rl=&if=false&ts=1715836152958&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1715836152956.1166297492&ler=empty&cdl=API_unavailable&it=1715836152848&coo=false&tm=1&rqm=GET
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1294, tbw=2777, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 16 May 2024 05:09:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
truncated
/
2 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
73bc662d3a76d0b0577d04b59518d0e944cb05df7d23b53320d874c7f0144d07

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6fb0bcb27844e0e3b085a752ed1102bc59e61dda3c902d11002f659c604f8804

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
82a72230353ad9cc4f7f3c04ea901c8479ac23ad9092f8120edbb0b3562514d3

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a8e11009fae76eab3e05e535a8c52e4024f6eb4a46c788dcc5f1b1033991a8c0

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2528943ad0d94f54aefb09d2c5e35b092e7fed6a9af54e19b36822f2f8720941

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/webp
/
pips.taboola.com/
64 B
241 B
XHR
General
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
d491dc5f8346507965a6d0110ab9c86549c8d112a5bd2caf668a4d7884e01e7f

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-served-by
cache-maa10230-MAA
date
Thu, 16 May 2024 05:09:13 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.bigwin29.com
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
/
www.google.com/pagead/1p-user-list/11295569087/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/11295569087/?random=1715836152879&cv=11&fst=1715835600000&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bigwin29.com%2F&hn=www.googleadservices.com&frm=0&tiba=BIGWIN29%20Online%20Games%20Philippines%20%7C%20PAGCOR%20Licensed!&npa=0&pscdl=noapi&auid=1257267222.1715836153&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqeZHDK0KRuAwLFL0S0u3PywPd31rYSA&random=2539208738&rmt_tld=0&ipr=y
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.106 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com.sg/pagead/1p-user-list/11295569087/
42 B
154 B
Image
General
Full URL
https://www.google.com.sg/pagead/1p-user-list/11295569087/?random=1715836152879&cv=11&fst=1715835600000&bg=ffffff&guid=ON&async=1&gtm=45be45f0v9172404130z89165925874za200&gcd=13l3l3l3l1&dma=0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.bigwin29.com%2F&hn=www.googleadservices.com&frm=0&tiba=BIGWIN29%20Online%20Games%20Philippines%20%7C%20PAGCOR%20Licensed!&npa=0&pscdl=noapi&auid=1257267222.1715836153&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&fdr=QA&data=event%3Dgtag.config&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwB7FLtqeZHDK0KRuAwLFL0S0u3PywPd31rYSA&random=2539208738&rmt_tld=1&ipr=y
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4003:c03::5e Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:13 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
clarity.js
www.clarity.ms/s/0.7.34/
61 KB
26 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.34/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/luts0x7z3l?ref=gtm2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::59 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:09:13 GMT
content-encoding
br
last-modified
Wed, 15 May 2024 11:08:13 GMT
etag
W/"0x8DC74CF502F224C"
vary
Accept-Encoding
x-azure-ref
20240516T050913Z-r1bf84cbd79wbdwk1e8ev8qhrc00000000rg00000000z47g
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
ae21d01d-001e-0079-47e5-a6d2ff000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
x-fd-int-roxy-purgeid
51562430
/
www.facebook.com/tr/
0
32 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1749362995544709&ev=PageView&dl=https%3A%2F%2Fwww.bigwin29.com%2Fforbidden%3Fstatus%3D1029%26desc%3DYour%2520IP%2520address%2520is%2520not%2520allowed.%2520Kindly%2520inform%2520customer%2520service%2520for%2520assistance.&rl=&if=false&ts=1715836152980&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1715836152956.1166297492&ler=empty&cdl=API_unavailable&it=1715836152848&coo=false&tm=1&rqm=GET
Requested by
Host: www.bigwin29.com
URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f10c:381:face:b00c:0:25de Singapore, Singapore, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=25, rtx=0, c=10, mss=1294, tbw=2777, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Thu, 16 May 2024 05:09:13 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
get_configuration
api.livechatinc.com/v3.4/customer/action/
5 KB
2 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_configuration?organization_id=e801c7ca-4bbb-45e9-b01c-f1b9629c327a&version=540.1.1.46.67.55.8.1.1.1.1.15.2&group_id=0&jsonp=__lc_static_config
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.88.70.106 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-88-70-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
79ccc710acbe200096cd16d70d4c2852968b9f96991a75a787b6186d41710b15

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:09:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=600
content-length
1545
expires
Thu, 16 May 2024 05:19:13 GMT
/
cds.taboola.com/
0
82 B
XHR
General
Full URL
https://cds.taboola.com/?uid=4d47ce30-06f3-4959-80bb-d1609de4db69-tuctd3f1a78&uad=90ba6df4a03d5cf38eefa0c0239f20da47e5903f77f54759f2051ac73b2c9d26&ptf=V2luMzI=&ptfv=MTAuMC4w&ufv=MTI0LjAuNjM2Ny4yMDE=&bnd=R29vZ2xlIENocm9tZQ==&bndv=MTI0&bnd=Tm90OkEtQnJhbmQ=&bndv=OA==&bnd=Q2hyb21pdW0=&bndv=MTI0&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
*
date
Thu, 16 May 2024 05:09:13 GMT
cache-control
no-store
server
nginx
collect
s.clarity.ms/
0
296 B
XHR
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.bigwin29.com
Date
Thu, 16 May 2024 05:09:13 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
collect
s.clarity.ms/
0
296 B
XHR
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.bigwin29.com
Date
Thu, 16 May 2024 05:09:14 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
open_chat
secure.livechatinc.com/customer/action/ Frame D688
0
0
Document
General
Full URL
https://secure.livechatinc.com/customer/action/open_chat?license_id=15229659&group=0&embedded=1&widget_version=3&unique_groups=0
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.88.70.106 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-88-70-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Length
2600
Content-Type
text/html; charset=utf-8
Date
Thu, 16 May 2024 05:09:13 GMT
Vary
Accept-Encoding
get_localization
api.livechatinc.com/v3.4/customer/action/
11 KB
4 KB
Script
General
Full URL
https://api.livechatinc.com/v3.4/customer/action/get_localization?organization_id=e801c7ca-4bbb-45e9-b01c-f1b9629c327a&version=384c496c023913b78d3837c106ac447e_4fde0a73f4e3df1a245c974db768a565&language=en&group_id=0&jsonp=__lc_localization
Requested by
Host: cdn.livechatinc.com
URL: https://cdn.livechatinc.com/tracking.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.88.70.106 Singapore, Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-88-70-106.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
7d8115246234367fecb25af588bbd29ffe6dc1e7a11e9da1036e441b7f89bba4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 16 May 2024 05:09:13 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
legacy
2024-05-31
cache-control
public, max-age=600
content-length
3925
expires
Thu, 16 May 2024 05:19:13 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=39082DE4BA0C4FBA89B4109769F85C75&RedC=c.clarity.ms&MXFR=355518896BE0687B3B2B0C086FE066F7
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=39082DE4BA0C4FBA89B4109769F85C75&MUID=3F2C51CE135160111CBA454F125061A1
42 B
442 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=39082DE4BA0C4FBA89B4109769F85C75&MUID=3F2C51CE135160111CBA454F125061A1
Protocol
H2
Server
20.205.115.81 Hong Kong, Hong Kong, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
zh-SG,zh;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:13 GMT
last-modified
Fri, 01 Mar 2024 20:23:14 GMT
server
Microsoft-IIS/10.0
etag
"4113e049166cda1:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:13 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: B8B281062068461ABF6E08DF8B48BF6F Ref B: SIN30EDGE0413 Ref C: 2024-05-16T05:09:13Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=39082DE4BA0C4FBA89B4109769F85C75&MUID=3F2C51CE135160111CBA454F125061A1
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
favicon.ico
www.bigwin29.com/
17 KB
17 KB
Other
General
Full URL
https://www.bigwin29.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.18.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-18-46.sin5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cd7121db00cb2a47c37a3602882662dbcf0ec3486e4fa324fb4e9f3c364c87fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 02:17:08 GMT
via
1.1 14193a789201b44415bebb86f9e5fe9c.cloudfront.net (CloudFront)
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
SIN5-C1
age
96726
x-cache
Hit from cloudfront
content-length
16958
referrer-policy
no-referrer
last-modified
Wed, 15 May 2024 02:13:59 GMT
server
AmazonS3
etag
"20b5b41e7b5e961b47df6d738f5e4a3e"
vary
Origin
content-type
image/vnd.microsoft.icon
cache-control
max-age=31536000,public
permissions-policy
geolocation=(),midi=(),sync-xhr=(*),microphone=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
x-amz-cf-id
m8M-3O9DW2Z8nYSjnjGprQG0_v4wR99j1Nn3bEd_PYzkq3bDFKV5xQ==
unip
trc-events.taboola.com/1644164/log/3/
0
634 B
XHR
General
Full URL
https://trc-events.taboola.com/1644164/log/3/unip?en=pre_d_eng_tb&tos=1630&scd=0&ssd=2&est=1715836152784&ver=36&isls=true&src=i&invt=1500&msa=864&rv=1&tim=1715836154414&vi=1715836152780&ri=2d2369808a8d4345b3be955ff010df8d&sd=v2_550d268084aae59e0616702697d8e316_4d47ce30-06f3-4959-80bb-d1609de4db69-tuctd3f1a78_1715836152_1715836152_CNawjgYQhK1kGMzXt_73MSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaJ7L1YHN5NSY8gFwAQ&ui=4d47ce30-06f3-4959-80bb-d1609de4db69-tuctd3f1a78&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fwww.bigwin29.com%2Fforbidden%3Fstatus%3D1029%26desc%3DYour%2520IP%2520address%2520is%2520not%2520allowed.%2520Kindly%2520inform%2520customer%2520service%2520for%2520assistance.
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1644164/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.bigwin29.com
pragma
no-cache
date
Thu, 16 May 2024 05:09:14 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
s.clarity.ms/
0
296 B
XHR
General
Full URL
https://s.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.34/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.96.124.68 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept
application/x-clarity-gzip
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Access-Control-Allow-Origin
https://www.bigwin29.com
Date
Thu, 16 May 2024 05:09:15 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:b1d896b3-bec7-448b-b764-240152e813e8
unip
trc-events.taboola.com/1644164/log/3/
0
633 B
XHR
General
Full URL
https://trc-events.taboola.com/1644164/log/3/unip?en=pre_d_eng_tb&tos=4632&scd=0&ssd=2&est=1715836152784&ver=36&isls=true&src=i&invt=3000&msa=864&rv=1&tim=1715836157416&vi=1715836152780&ri=2d2369808a8d4345b3be955ff010df8d&sd=v2_550d268084aae59e0616702697d8e316_4d47ce30-06f3-4959-80bb-d1609de4db69-tuctd3f1a78_1715836152_1715836152_CNawjgYQhK1kGMzXt_73MSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaJ7L1YHN5NSY8gFwAQ&ui=4d47ce30-06f3-4959-80bb-d1609de4db69-tuctd3f1a78&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fwww.bigwin29.com%2Fforbidden%3Fstatus%3D1029%26desc%3DYour%2520IP%2520address%2520is%2520not%2520allowed.%2520Kindly%2520inform%2520customer%2520service%2520for%2520assistance.
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1644164/tfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://www.bigwin29.com
pragma
no-cache
date
Thu, 16 May 2024 05:09:17 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
collect
analytics.google.com/g/
0
45 B
Ping
General
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-RNFRTDEC1J&gtm=45je45f0v9169527884za200&_p=1715836152189&gcd=13l3l3l3l1&npa=0&dma=0&cid=707086026.1715836153&ecid=288200226&ul=zh-sg&sr=1600x1200&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=AEA&_s=2&dl=https%3A%2F%2Fwww.bigwin29.com%2Fforbidden%3Fstatus%3D1029%26desc%3DYour%2520IP%2520address%2520is%2520not%2520allowed.%2520Kindly%2520inform%2520customer%2520service%2520for%2520assistance.&dr=https%3A%2F%2Fwww.bigwin29.com%2F&sid=1715836152&sct=1&seg=1&dt=BIGWIN29%20Online%20Games%20Philippines%20%7C%20PAGCOR%20Licensed!&en=page_view&_et=1158&tfd=6919
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-RNFRTDEC1J&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
Accept-Language
zh-SG,zh;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Thu, 16 May 2024 05:09:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bigwin29.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| dataLayer string| __INITIAL_STATE__ object| __lc object| LiveChatWidget function| Fingerprint function| javaHashCode object| fingerprint number| char object| google_tag_manager object| google_tag_data object| __tfa_pixel_init object| _tfa function| fbq function| _fbq object| _fbq_gtm_ids function| clarity object| __VUE_INSTANCE_SETTERS__ object| __VUE_SSR_SETTERS__ boolean| __VUE__ boolean| __lc_inited object| LC_API function| onYouTubeIframeAPIReady object| gaGlobal function| _typeof object| TFASC object| TRC object| _taboola number| taboola_view_id object| TRCImpl function| __trcError object| GooglebQhCsO function| __trcWarn function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray

24 Cookies

Domain/Path Name / Value
.taboola.com/visayagames-usd-network/ Name: taboola_session_id
Value: v2_550d268084aae59e0616702697d8e316_4d47ce30-06f3-4959-80bb-d1609de4db69-tuctd3f1a78_1715836152_1715836152_CNawjgYQhK1kGMzXt_73MSABKAEwwAE4t4gNQOKaEEjXiNcDUP___________wFYAGAAaJ7L1YHN5NSY8gFwAQ
.accounts.livechatinc.com/v2/customer/token Name: __lc_cid
Value: 7ab4e50c-b7dd-46ef-9e6e-747a469dd9ac
.accounts.livechatinc.com/v2/customer/token Name: __lc_cst
Value: f48299601d478fba55fd95d9dccad27ad6b0736308816326596a97c5c7062bdf6a6e9f5c0eeb11306b4e848534048e1617cf3b41e14bb92d2a871b21a492
.accounts.livechatinc.com/customer/token Name: __lc_cid
Value: 7ab4e50c-b7dd-46ef-9e6e-747a469dd9ac
.accounts.livechatinc.com/customer/token Name: __lc_cst
Value: f48299601d478fba55fd95d9dccad27ad6b0736308816326596a97c5c7062bdf6a6e9f5c0eeb11306b4e848534048e1617cf3b41e14bb92d2a871b21a492
.bigwin29.com/ Name: _ga
Value: GA1.1.707086026.1715836153
.bigwin29.com/ Name: _gcl_au
Value: 1.1.1257267222.1715836153
.taboola.com/ Name: t_gid
Value: 4d47ce30-06f3-4959-80bb-d1609de4db69-tuctd3f1a78
.taboola.com/ Name: t_pt_gid
Value: 4d47ce30-06f3-4959-80bb-d1609de4db69-tuctd3f1a78
.taboola.com/ Name: receive-cookie-deprecation
Value: 1
www.clarity.ms/ Name: CLID
Value: 6761b48cd4aa4606bd36ebb9b1f55d74.20240516.20250516
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bigwin29.com/ Name: _fbp
Value: fb.1.1715836152956.1166297492
.bigwin29.com/ Name: _clck
Value: oa3ylo%7C2%7Cflt%7C0%7C1597
.bigwin29.com/ Name: _ga_RNFRTDEC1J
Value: GS1.1.1715836152.1.1.1715836153.59.0.288200226
.bing.com/ Name: MUID
Value: 3F2C51CE135160111CBA454F125061A1
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 3F2C51CE135160111CBA454F125061A1
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 3F2C51CE135160111CBA454F125061A1
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.bigwin29.com/ Name: _clsk
Value: 151n70o%7C1715836154033%7C1%7C1%7Cs.clarity.ms%2Fcollect
accounts.livechatinc.com/ Name: __oauth_redirect_detector
Value: counter=1&t=1715836183&tag=54f1819c86f183a260f99ba5b076e1f54cc756c9

31 Console Messages

Source Level URL
Text
other warning URL: https://www.bigwin29.com/
Message:
A preload for 'https://www.bigwin29.com/assets/vendor-Bn3lPJz-.css' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://www.bigwin29.com/
Message:
A preload for 'https://www.bigwin29.com/assets/app-DAz0ydXK.css' is found, but is not used because the request credentials mode does not match. Consider taking a look at crossorigin attribute.
other warning URL: https://www.bigwin29.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://connect.facebook.net/signals/config/343114168543404?v=2.9.156&r=stable&domain=www.bigwin29.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://cdn.livechatinc.com/tracking.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://www.bigwin29.com/forbidden?status=1029&desc=Your%20IP%20address%20is%20not%20allowed.%20Kindly%20inform%20customer%20service%20for%20assistance.
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
api.livechatinc.com
c.bing.com
c.clarity.ms
cdn.livechatinc.com
cdn.taboola.com
cds.taboola.com
connect.facebook.net
googleads.g.doubleclick.net
pips.taboola.com
s.clarity.ms
secure.livechatinc.com
stats.g.doubleclick.net
trc-events.taboola.com
trc.taboola.com
vshop.tv
www.bigwin29.com
www.clarity.ms
www.facebook.com
www.google.com
www.google.com.sg
www.googleadservices.com
www.googletagmanager.com
wwwpl.bigwin29.com
104.88.70.106
108.157.254.118
13.35.18.46
141.226.224.32
141.226.229.48
142.251.10.106
151.101.129.44
157.240.235.1
172.217.194.155
20.205.115.81
2001:4860:4802:36::181
23.52.40.83
23.96.124.68
2404:6800:4003:c03::5e
2404:6800:4003:c1a::61
2404:6800:4003:c1c::9a
2620:1ec:bdf::59
2620:1ec:c11::237
2a02:4780:3:707:0:3938:d729:5
2a03:2880:f00c:300:face:b00c:0:3
2a03:2880:f10c:381:face:b00c:0:25de
2a04:4e42::300
74.125.130.154
74.125.68.94
01a5bdc925019d49168bd632c7ee0a582574a97465924bdfd98ffacf165db173
06e11de366bf0d09d714b3578aae991885b51401b6aa749efcd597eee2d4017e
0863ae8d37fecd482a9727d31c306a8bced4b3423833c1bc0fd8f9a1486115fb
0c1b0d3f82792bf511b6316c7421057a4bd8e640969c3f71815a79bfa7a4725e
0c52bafe357f217eb9930290a78cea57111ba34197099332255eaa6c5e663831
100f32f5b89dc73921d3d7f689877d2940ed8ad5e71f437a88a8d42ea2a47f5d
12b5eaccd8a9d81a6a12512566d2b72aa7c100b4a261a08ee6aae4679a9e36b4
1dec54ee99c28ca55ea59ffa3aa74718176e991fd21a9d9192e437aa62d3fd77
1fc44f80e02af37a76dc52f29dca158fb9e64f63c24377e3b39236fe11d81477
2528943ad0d94f54aefb09d2c5e35b092e7fed6a9af54e19b36822f2f8720941
2ca8b3346460f4b4245be31e120d5e62c3da531fc281b6190ea2e9ef5871fec4
2cbce567cf047fe5bcf42f225d88cbd8484206dbc80a0cac08700a9768063ba1
2e77ce87c1187a00bad1362db833c414d27c2187aaa2479dad08117a9bf6dab3
3112fc0e8cdbac9dacce68ec6b29d6a5af6e3a64d16c4b14650a796ff4ff480b
393ab01f929532ddf368a4cfe0727f52180ec17f5aefb04f8053cba8d1f94193
3c119301cc267f7cfc94a5b775d557021e05cc469417e3cb77a8c94b7219a7c6
3c23eb02de6b34e30f18cfb7167abd81a2cedfd1da60dfcb71989517ab3fb431
3cafde88a1676626fe19941e14ee3b55482a573074655b1e816b47b9b831cd8f
3faf53dd84e59b4a859c3852ca41e2ee9d2dd73a6be332f7fdef5b3ad79df385
3fc01b339ac79d3c65608a8a279de4ca4c17286bee6704b0f79098f5d90e6685
55bf3cf397d1e29fcff544dd08623bd6ef6cc790ee78c0cede257dcd79188a2f
63341649123a0d3f36b192e5c0c5a5561ecbfbfcdaf13f8e0c5af6c01fde09be
6a2919ed1bd9f7c1fd93a7462937a769d3ad7cc160954ba4be7ca6e07d411c65
6fb0bcb27844e0e3b085a752ed1102bc59e61dda3c902d11002f659c604f8804
700cff99fdc2ebd95a59936c1f2f943263b43a86195ac682cfa31b4c8ed0f108
7071f78d2c3fcab69c92737d5b986bd010260bb51cca763f5828ed44caf5f740
736c8927bfa9cf33239276b13e70d6babb41b7d962f489f8bace864f321ce380
73bc662d3a76d0b0577d04b59518d0e944cb05df7d23b53320d874c7f0144d07
7923bd12a0b25dde826bef82161c8bc96613723f5d515732d23bbc5e3f54ea06
79ccc710acbe200096cd16d70d4c2852968b9f96991a75a787b6186d41710b15
7ad368514cfe72b9341ae57b8f03d6ff23d8d1886a5dc39c87144b3eb04d3aed
7d62eb319382fa907e224a8cc9e873efcb9f9e0cc9226eb21186dbe15b5affe6
7d8115246234367fecb25af588bbd29ffe6dc1e7a11e9da1036e441b7f89bba4
82a72230353ad9cc4f7f3c04ea901c8479ac23ad9092f8120edbb0b3562514d3
833ae58f14adbf1e7f1dd7c5f41d96a0fd6e926699f0df42f434251a22d22217
83ccdcebc2c88b499f0d424430a8670900e32c0d035da769f103fc1383043764
86524c361bdae7aef35d739c8b87955fb594bacb467cefea6a9037ed49bd2c20
86be343aa2094f8f016ce7b6bbc3a32b832046bc2a86a2a1e8ab5f6bb2e53266
8a83e40f3b979a32096b3b7c33b0167c474167e422ab724c3ed158129dc1a369
8f126e045506277eff931c4058fef9ce9a4e9e7c8d9b354235dee4e01922d34f
930b17ffee8097cc723b71f2e4d0ec797785d04d6c16ab21be2d0c6b3d9a13fe
932712ac26c595ad5db7c5ab0b05ede4782f17620b6becb2c0734cea309b9bf2
988885fd1d052eb2ef98ddf1da2b8d4d80b61e956f3bcdf68884f552a01d271a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9b81f35f6e4980ca730cab9bfa0ef1abe84700ab7fd8ce857b530e872bc699a6
a0010c8a7cf3de78dd1f9e97f72c9decf434350be28ab06d82e85c5d508f3c1c
a8e11009fae76eab3e05e535a8c52e4024f6eb4a46c788dcc5f1b1033991a8c0
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
cb1c3c88f43fbc18031536d0e714456285019240f892bc3d9536c748660cc863
cd7121db00cb2a47c37a3602882662dbcf0ec3486e4fa324fb4e9f3c364c87fe
ceaaf2250628d6f224071ab6462f84d6340ce4838316e9c38785c2b6558dccb0
d491dc5f8346507965a6d0110ab9c86549c8d112a5bd2caf668a4d7884e01e7f
da628e2c25c43f638e4c65e95d9e90885bca73ed8133822132cdcf4159c0f5fc
dab4ffc61f26615ba14875a7d00254a040ae9bea31f3a8c992a412f3a158290d
dde0cd1af40948d5992cf13de7ef60641e293ab15d8bb5c87018a31b124f8aaf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e95237b38a32d087dff4366150e975440d48243f8fffe7fa3140037fe9634ca6
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fadcfb2754c597eac7b51703fc93e7e6eb4f573591abea0ad157ecc9736f015a
fc52bf6d802e099e32186c6962f7282a176273ed7d9d42ca67e50087ab79b234
fef6d72a448aa5e69f8b202f27141474d90244f2874090542edeabbeed29c27b
ff5270506359dca887b702d38c99b0aba2a88f7c75b0e7a701c2612b5a59475e
fffc6ed23cfeabaaace717503bfabd907816869c8c5ff38a2127b8284e8c5988