dewi368.mstenergy.xyz Open in urlscan Pro
172.67.172.48 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki
Effective URL:
https://dewi368.mstenergy.xyz/
Submission Tags: @phish_report
Submission: On June 07 via api (June 7th 2024, 7:58:13 am UTC) from FI — Scanned from FI

Summary HTTP 102 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 15 IPs in 6 countries across 16 domains to perform 102 HTTP transactions. The main IP is 172.67.172.48, located in United States and belongs to CLOUDFLARENET, US. The main domain is dewi368.mstenergy.xyz.
TLS certificate: Issued by E1 on May 17th 2024. Valid for: 3 months.

This is the only time dewi368.mstenergy.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	161.9.151.82 161.9.151.82	8456 (ASBOUN) (ASBOUN)
1 2	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	172.67.172.48 172.67.172.48	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	172.217.18.10 172.217.18.10	15169 (GOOGLE) (GOOGLE)
5 10	199.232.196.193 199.232.196.193	54113 (FASTLY) (FASTLY)
1	104.21.235.69 104.21.235.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
52	154.83.2.16 154.83.2.16	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
3	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
2	172.67.69.226 172.67.69.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	157.240.247.8 157.240.247.8	32934 (FACEBOOK) (FACEBOOK)
4	43.152.26.104 43.152.26.104	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
9	184.86.251.197 184.86.251.197	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	157.240.247.35 157.240.247.35	32934 (FACEBOOK) (FACEBOOK)
2	184.86.251.205 184.86.251.205	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
102	15

2 161.9.151.82 (Turkey) 1 redirects

ASN8456 (ASBOUN, TR)

bumatek.boun.edu.tr	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.pokebob.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
direct.clothesfashion.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.67.172.48 (United States)

ASN13335 (CLOUDFLARENET, US)

dewi368.mstenergy.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.217.18.10 (United States)

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 199.232.196.193 (United States) 5 redirects

ASN54113 (FASTLY, US)

i.imgur.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.235.69 (None, )

ASN13335 (CLOUDFLARENET, US)

iili.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

52 154.83.2.16 (Seychelles)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

cdn.sitestatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
files.sitestatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.69.226 (United States)

ASN13335 (CLOUDFLARENET, US)

qris.otomatis.vip	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.247.8 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-ams2.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 43.152.26.104 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)

s1.kwai.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 184.86.251.197 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-197.deploy.static.akamaitechnologies.com

ads.mythad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 157.240.247.35 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-01-ams2.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.86.251.205 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-205.deploy.static.akamaitechnologies.com

logsdk.kwai-pro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
52	sitestatic.net cdn.sitestatic.net — Cisco Umbrella Rank: 26273 files.sitestatic.net — Cisco Umbrella Rank: 28224	3 MB
10	imgur.com 5 redirects i.imgur.com — Cisco Umbrella Rank: 7256	1 KB
9	mythad.com ads.mythad.com — Cisco Umbrella Rank: 30575	5 KB
6	mstenergy.xyz dewi368.mstenergy.xyz	421 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 119	4 KB
4	kwai.net s1.kwai.net — Cisco Umbrella Rank: 25410	161 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	76 KB
3	gstatic.com fonts.gstatic.com	67 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 70	2 KB
2	kwai-pro.com logsdk.kwai-pro.com — Cisco Umbrella Rank: 27519	484 B
2	otomatis.vip qris.otomatis.vip — Cisco Umbrella Rank: 34634	452 B
2	boun.edu.tr 1 redirects bumatek.boun.edu.tr	684 B
1	iili.io iili.io — Cisco Umbrella Rank: 37354	643 KB
1	clothesfashion.online 1 redirects direct.clothesfashion.online	451 B
1	pokebob.online a.pokebob.online	601 B
0	dewi188os.com Failed www.dewi188os.com Failed
102	16

	Domain	Requested by
42	files.sitestatic.net	dewi368.mstenergy.xyz
10	cdn.sitestatic.net	dewi368.mstenergy.xyz
10	i.imgur.com	5 redirects dewi368.mstenergy.xyz
9	ads.mythad.com	s1.kwai.net
6	dewi368.mstenergy.xyz	a.pokebob.online dewi368.mstenergy.xyz
4	www.facebook.com	dewi368.mstenergy.xyz
4	s1.kwai.net	dewi368.mstenergy.xyz s1.kwai.net
3	connect.facebook.net	dewi368.mstenergy.xyz connect.facebook.net
3	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	dewi368.mstenergy.xyz
2	logsdk.kwai-pro.com	s1.kwai.net
2	qris.otomatis.vip	dewi368.mstenergy.xyz
2	bumatek.boun.edu.tr	1 redirects
1	iili.io	dewi368.mstenergy.xyz
1	direct.clothesfashion.online	1 redirects
1	a.pokebob.online	bumatek.boun.edu.tr
0	www.dewi188os.com Failed	dewi368.mstenergy.xyz cdn.sitestatic.net
102	17

This site contains links to these domains. Also see Links.

Domain
t.me
s3-ap-southeast-1.amazonaws.com
api.whatsapp.com

Subject Issuer	Validity	Valid
pokebob.online E1	`2024-04-25` - `2024-07-24`	3 months	crt.sh
mstenergy.xyz E1	`2024-05-17` - `2024-08-15`	3 months	crt.sh
upload.video.google.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
iili.io E1	`2024-06-01` - `2024-08-30`	3 months	crt.sh
sitestatic.net Cloudflare Inc ECC CA-3	`2023-12-19` - `2024-12-18`	a year	crt.sh
*.gstatic.com WR2	`2024-05-21` - `2024-08-13`	3 months	crt.sh
otomatis.vip GTS CA 1P5	`2024-04-18` - `2024-07-17`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-16` - `2024-06-14`	3 months	crt.sh
*.kwai.net GlobalSign RSA OV SSL CA 2018	`2023-10-26` - `2024-11-26`	a year	crt.sh
*.mythad.com GlobalSign GCC R3 DV TLS CA 2020	`2023-10-23` - `2024-11-23`	a year	crt.sh
*.kwai-pro.com GlobalSign GCC R3 DV TLS CA 2020	`2023-08-10` - `2024-09-10`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://dewi368.mstenergy.xyz/
Frame ID: 375A99EC0DF9EFA2BF2A0589D5EA52A5
Requests: 98 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

dewi368 - Situs Slot Gampang Maxwin Terbaik

Page URL History Show full URLs

http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki HTTP 307
https://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki HTTP 301
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki HTTP 307
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki Page URL
https://a.pokebob.online/ Page URL
https://direct.clothesfashion.online/fakevpn/daftar.html HTTP 301
https://dewi368.mstenergy.xyz/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

102
Requests

88 %
HTTPS

0 %
IPv6

16
Domains

17
Subdomains

15
IPs

6
Countries

4680 kB
Transfer

6499 kB
Size

7
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/csdewi188
Title: /T.ME/CSdewi368

Search URL Search Domain Scan URL

URL: https://s3-ap-southeast-1.amazonaws.com/apkstore888.net/dewi368/dewi368.apk

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=+62819%205202%206915
Title: WHATSAPP +62819 5202 6915 24/7 Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki HTTP 307
https://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki HTTP 301
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki HTTP 307
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki Page URL
https://a.pokebob.online/ Page URL
https://direct.clothesfashion.online/fakevpn/daftar.html HTTP 301
https://dewi368.mstenergy.xyz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki HTTP 307
https://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki HTTP 301
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki HTTP 307
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki

Request Chain 3

https://i.imgur.com/dXa3HlG.gif HTTP 302
https://i.imgur.com/removed.png

Request Chain 5

https://i.imgur.com/BfVw5nG.gif HTTP 302
https://i.imgur.com/removed.png

Request Chain 6

https://i.imgur.com/TlmTWQm.gif HTTP 302
https://i.imgur.com/removed.png

Request Chain 7

https://i.imgur.com/X4wgTCO.gif HTTP 302
https://i.imgur.com/removed.png

Request Chain 46

https://i.imgur.com/UWeWqPV.gif HTTP 302
https://i.imgur.com/removed.png

102 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/
bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/
Redirect Chain

http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki
https://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki
http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki

102 B
276 B

141ms
141ms

Document
text/html

161.9.151.82
ASBOUN

General

Check archive.org

Show headers Download Go to

Full URL: http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki
Protocol: HTTP/1.1
Server: 161.9.151.82 , Turkey, ASN8456 (ASBOUN, TR),
Reverse DNS
Software: Apache /
Resource Hash

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Length: 102
Content-Type: text/html
Date: Fri, 07 Jun 2024 07:57:58 GMT
Keep-Alive: timeout=5, max=100
Server: Apache

Redirect headers

Location: http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 /
a.pokebob.online/ 271 B
601 B 1934ms
1363ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://a.pokebob.online/
Requested by: Host: bumatek.boun.edu.tr
URL: http://bumatek.boun.edu.tr/wp-content/uploads/2023/10/1/?justin=kerahoki
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.0.30
Resource Hash

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: http://bumatek.boun.edu.tr/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88ff182c1cb44d8d-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 07:58:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKxIxrwcjxhmZLcapm09QQhI1UwjmuQ682B61f4p4OvxTKZXiRZhJF2cfHc3Or6Twjd8DIf9NYMGjXaX3kY%2Be3Gq1nuVGTINOt69rrYhrDilK1QunR6oiCXc8V1bHD3%2FxCuP"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: PHP/8.0.30
x-turbo-charged-by: LiteSpeed

GET
H2

200

Primary Request / Show response
dewi368.mstenergy.xyz/
Redirect Chain

https://direct.clothesfashion.online/fakevpn/daftar.html
https://dewi368.mstenergy.xyz/

311 KB
26 KB

1473ms
930ms

Document
text/html

172.67.172.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dewi368.mstenergy.xyz/
Requested by: Host: a.pokebob.online
URL: https://a.pokebob.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd16aaf65d7bddfcf11f1834de29f3c40229eb31fe650a4101be6d30a07c5126

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://a.pokebob.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88ff183f68f0a87f-RIX
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 07 Jun 2024 07:58:02 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NCfC6UWYGfg3DeLUlqvblu6aX2zM1k0Y%2B2nhQ1FMjUDi4XP1gIKiUKK5frzVo1%2Bq6kfIRwM6XwhsQonDbYvCv5iEyfSFwsYxOi6qmkDjhrsvP%2F7wNZfkeeuvgAlutQ88Nw96Z5yfpR0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88ff18384ef4971a-AMS
content-type: text/html; charset=iso-8859-1
date: Fri, 07 Jun 2024 07:58:01 GMT
location: https://dewi368.mstenergy.xyz/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Bsh0yp7bUEWrgrJq0tX%2FpsZERP7xp%2FzOlrdF4HYT9%2BMdtpqID2rbh3J4u2FM7U30aSfPojR5l%2BsJe0emQA%2BD1iNv0C7USaZtvmJwOWu6kXLFaIZQf1rpo0x9%2B1cMkJGisBobFlxF7I8dqra80G4B"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 2 KB
643 B 700ms
172ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway:900&display=swap

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f10.1e100.net

Software

ESF /

Resource Hash

d05e0345406f2d676efda2063643450279a9898463f1be66050ac9ea3786cd03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 07:46:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 07:58:03 GMT

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/dXa3HlG.gif
https://i.imgur.com/removed.png

503 B
0

46ms
46ms

Image
image/png

199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://dewi368.mstenergy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-content-type-options: nosniff
age: 8021844
x-cache: HIT, HIT
content-length: 503
x-served-by: cache-bwi5167-BWI, cache-hel1410030-HEL
last-modified: Wed, 14 May 2014 05:44:36 GMT
server: cat factory 1.0
x-timer: S1717747083.394785,VS0,VE0
etag: "d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 567380

Redirect headers

x-cache-hits: 0, 0
date: Fri, 07 Jun 2024 07:58:03 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
age: 0
x-timer: S1717747083.217450,VS0,VE119
x-cache: HIT, MISS
access-control-allow-methods: GET, OPTIONS
location: https://i.imgur.com/removed.png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-iad-kjyo7100158-IAD, cache-hel1410030-HEL

GET
H2 200 JXbWH7a.gif
iili.io/ 642 KB
643 KB 823ms
200ms Image
image/gif 104.21.235.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iili.io/JXbWH7a.gif
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.235.69 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ad37d3fd1d807f2331b403b546b48bd7ddde2bcddd01711d7f163d1c43bcebf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6720551
alt-svc: h3=":443"; ma=86400
content-length: 657144
last-modified: Thu, 21 Mar 2024 12:41:13 GMT
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/gif
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PqMXjHkAuJN57F3DrSuZ1p5cwelUshalGpT39chtkSUqDKhwudLAL2wUArFad4krM%2BfivjzyPTnk7%2BLnKoFmGeXyAGQD0TuURmk9l40ARW0RxCT4ZzRuJEb7"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 88ff18495ae7d6ba-CDG
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/BfVw5nG.gif
https://i.imgur.com/removed.png

503 B
0

15ms
15ms

Image
image/png

199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://dewi368.mstenergy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-content-type-options: nosniff
age: 8021844
x-cache: HIT, HIT
content-length: 503
x-served-by: cache-bwi5167-BWI, cache-hel1410030-HEL
last-modified: Wed, 14 May 2014 05:44:36 GMT
server: cat factory 1.0
x-timer: S1717747083.394785,VS0,VE0
etag: "d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 567380

Redirect headers

x-cache-hits: 0, 0
date: Fri, 07 Jun 2024 07:58:03 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
age: 0
x-timer: S1717747083.217402,VS0,VE154
x-cache: HIT, MISS
access-control-allow-methods: GET, OPTIONS
location: https://i.imgur.com/removed.png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-iad-kcgs7200077-IAD, cache-hel1410030-HEL

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/TlmTWQm.gif
https://i.imgur.com/removed.png

503 B
0

0ms
0ms

Image
image/png

199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://dewi368.mstenergy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-content-type-options: nosniff
age: 8021844
x-cache: HIT, HIT
content-length: 503
x-served-by: cache-bwi5167-BWI, cache-hel1410030-HEL
last-modified: Wed, 14 May 2014 05:44:36 GMT
server: cat factory 1.0
x-timer: S1717747083.394785,VS0,VE0
etag: "d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 567380

Redirect headers

x-cache-hits: 0, 0
date: Fri, 07 Jun 2024 07:58:03 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
age: 0
x-timer: S1717747083.217378,VS0,VE199
x-cache: HIT, MISS
access-control-allow-methods: GET, OPTIONS
location: https://i.imgur.com/removed.png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-iad-kjyo7100030-IAD, cache-hel1410030-HEL

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/X4wgTCO.gif
https://i.imgur.com/removed.png

503 B
727 B

68ms
68ms

Image
image/png

199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=300
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://dewi368.mstenergy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
strict-transport-security: max-age=300
x-content-type-options: nosniff
age: 8021844
x-cache: HIT, HIT
content-length: 503
x-served-by: cache-bwi5167-BWI, cache-hel1410030-HEL
last-modified: Wed, 14 May 2014 05:44:36 GMT
server: cat factory 1.0
x-timer: S1717747083.394785,VS0,VE0
etag: "d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 567380

Redirect headers

x-cache-hits: 0, 0
date: Fri, 07 Jun 2024 07:58:03 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
age: 0
x-timer: S1717747083.217432,VS0,VE107
x-cache: HIT, MISS
access-control-allow-methods: GET, OPTIONS
location: https://i.imgur.com/removed.png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-iad-kiad7000125-IAD, cache-hel1410030-HEL

GET
H3 200 jquery.min.js Show response
cdn.sitestatic.net/assets/jquery/ 85 KB
31 KB 396ms
270ms Script
application/javascript 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitestatic.net/assets/jquery/jquery.min.js
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: M21S45SMKQFSR0P4
age: 119542
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: mfBpb9mVnRpxn/3UWj1IV/G9rP5NQ5HG1tp1Keu8hhDQUpMixYMZYS2DShuZPvMuvnyL19LE0vM=
last-modified: Sat, 29 Jul 2023 05:07:12 GMT
server: cloudflare
etag: W/"a09e13ee94d51c524b7e2a728c7d4039"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 88ff18462bc13768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 bootstrap.min.js Show response
cdn.sitestatic.net/assets/bootstrap/ 39 KB
12 KB 196ms
72ms Script
application/javascript 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitestatic.net/assets/bootstrap/bootstrap.min.js
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: V4Y08PE6718S6GV5
age: 99858
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: g42vGbsTVWZL69k59ZTaJS9kK73bMhbI0UqmFAVu4jO2g3AOdXMpwViaUxi7+OWUS9zVR68ckN4=
last-modified: Sat, 29 Jul 2023 04:41:22 GMT
server: cloudflare
etag: W/"2f34b630ffe30ba2ff2b91e3f3c322a1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 88ff18462bbc3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H2 404 icomoon.woff2
dewi368.mstenergy.xyz/ 0
0 662ms
659ms Font
text/html 172.67.172.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dewi368.mstenergy.xyz/icomoon.woff2?h141kb
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Origin: https://dewi368.mstenergy.xyz
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X%2BGEoLHK1xdJh%2FWgkeShqJg0Ik87QIYZNugEjoF2oqJ6tgQdcMxQmZRwCmuh%2Fz8%2FbLGXOg9LzW9qth1DddVnAPOiGy5bg0SbDgF0IwY02Z2HLxZaCqumMGoVNWKSX%2F5E3JziHDbEmSY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=iso-8859-1
cache-control: max-age=14400
cf-ray: 88ff18458c39a87f-RIX
alt-svc: h3=":443"; ma=86400

GET swiper.css
www.dewi188os.com/css/ugsports/ 0
0

GET
H2 200 app-mobile.css
dewi368.mstenergy.xyz/ 248 KB
46 KB 3869ms
3868ms Stylesheet
text/css 172.67.172.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dewi368.mstenergy.xyz/app-mobile.css?id=d7271366690886d588ae
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2538d3b57022bc05f3800160ff645dabe6819fb899ac94603a7214fee5fa6b5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:06 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 30 Apr 2024 23:57:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=93b9%2Fy8ocXI2Kh4ZdXzwGA5fDVef%2B9hfB8eLLT3W51TcqHvNUeDsEq8SjrXZOxsgI5UNpWC81G%2Flbxb6mGZuasRViFrFGx03t3TgQkqfhibAXPXeRFaYP1sr0mzGjMwRAnj2cxouYYE%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 88ff1845cc8ba87f-RIX
alt-svc: h3=":443"; ma=86400

GET
H2 200 custom.css
dewi368.mstenergy.xyz/ 28 KB
5 KB 992ms
991ms Stylesheet
text/css 172.67.172.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dewi368.mstenergy.xyz/custom.css?id=d002093e299d92b41341
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62ec963ec2ddda256157253e8ef9a8355423cfd49733c6a0192796c6d341e828

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 30 Apr 2024 23:57:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JUAOCn1UeFc9pWAwJ1b6WolPIc1bkhS386wgRsZm%2FGErocysAOd5K5I5dua3QOOyR0jixHPok%2B0ZnMmehhP0EksxX5FXM6Q0j6wmXtxro1VYbb7MyqbeMXyic8h7LGpra2M85uEjGk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
cf-ray: 88ff1845cc90a87f-RIX
alt-svc: h3=":443"; ma=86400

GET
H3 200 sweet_alert2.min.js Show response
cdn.sitestatic.net/assets/jquery/ 66 KB
18 KB 256ms
134ms Script
application/javascript 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitestatic.net/assets/jquery/sweet_alert2.min.js
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: ASQVFGDWGP0VQM8V
age: 119542
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: NJoqYVnGSL9+xSbdYXzxILSXRqYExVJrV8t3xMLmuMpMzxOqe2fbdJSjv4kRdyMelxqK57qVFM8=
last-modified: Sat, 29 Jul 2023 04:41:22 GMT
server: cloudflare
etag: W/"0c0de18caa00c8ea26099fb8cd50b05a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 88ff18462bbe3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 jquery-ui.min.js Show response
cdn.sitestatic.net/assets/jquery/ 248 KB
68 KB 262ms
139ms Script
application/javascript 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitestatic.net/assets/jquery/jquery-ui.min.js
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Y5GEHSGVQEHJVVHY
age: 25348
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: f6MQujIwS8KJm/cjl6q/z2N2fKiqKs5KClU0uDxEzVm5HSivWMH7RpSeKb59erAt6UK+J3Rotl4=
last-modified: Sat, 29 Jul 2023 04:41:22 GMT
server: cloudflare
etag: W/"c15b1008dec3c8967ea657a7bb4baaec"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 88ff18462bc03768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 jquery.ui.touch-punch.min.js Show response
cdn.sitestatic.net/assets/jquery/ 1 KB
917 B 213ms
212ms Script
application/javascript 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitestatic.net/assets/jquery/jquery.ui.touch-punch.min.js
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 2YT1CRBG6B0XNZ2M
age: 95388
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: U+LNnIDuRkoHOflqe4v/1vtO7Urty+bJ9WaWVEgj6q+Q4sMT48pqKnZzYXHzAGR7H9iBuJr8t70=
last-modified: Sat, 29 Jul 2023 05:07:12 GMT
server: cloudflare
etag: W/"700b877cd3ade98ce6cd4be349d81a5c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 88ff1846dc193768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 65257984a64b2_output-onlinegiftools.gif
files.sitestatic.net/ImageFile/ 2 MB
2 MB 420ms
406ms Image
image/gif 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/ImageFile/65257984a64b2_output-onlinegiftools.gif
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4033ddb5c07522e6dec870574082458dabd076c334a5b1446d54e2da542e45dd

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: kNBor1p6BRA9YbxsOG4OaCfRiAaMw.dz
cf-cache-status: MISS
x-amz-request-id: 0XDMYMXDA0CQ315B
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1906333
x-amz-id-2: hphcs8RqbTBOrFbHhdrFJ/6hs4uKgMbodoQMjOijtQi+MpzZ9GHpV4JNLpe9bsDnauoMtYUAcoY=
last-modified: Tue, 10 Oct 2023 16:19:18 GMT
server: cloudflare
etag: "97b14322a17884cafbf60581291c49a7"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18471c3f3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 64f9a3d900f37_64f583d516c92_RTP%20Slot%20Revisi.webp
files.sitestatic.net/ImageFile/ 43 KB
43 KB 857ms
848ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/ImageFile/64f9a3d900f37_64f583d516c92_RTP%20Slot%20Revisi.webp
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: d0e10c58f30442fe280c8d102bfe08883fdcc2c4008a0032e68d2165816075cc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: c7yB6jomgfwrzPWi2ku6SflhYvwvrn3X
cf-cache-status: MISS
x-amz-request-id: 0XDZVBYW15DHGVJB
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 43744
x-amz-id-2: sUSWYv8oomCYMzuFSPF4EpU88t05JxS88h2pFUgUf/LqFl8m9EpJt0EF0UhrViC3xjKTBl3f2JM=
last-modified: Thu, 07 Sep 2023 10:20:10 GMT
server: cloudflare
etag: "e7c7df2e4dd90db7f0934990c80c2297"
vary: Accept-Encoding
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18471c3e3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H2 200 DEWI368.png
dewi368.mstenergy.xyz/ 39 KB
40 KB 1648ms
1647ms Image
image/png 172.67.172.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dewi368.mstenergy.xyz/DEWI368.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c754bb76abe4e581edaf719bc873d364e4e6031644fda40ad605eb3da37e7328

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:04 GMT
cf-cache-status: MISS
last-modified: Tue, 30 Apr 2024 23:57:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q5MbMJPZh4AFb%2FaxADj%2BkJ37qAa4rdnoyVGPDJ57GdtJd2LZElVGbEzd8j1LR3%2FLmzwPQz8l8xHdLUOatqALbVFmmp4O2gYFts6JptZo0fCKOx%2B3tXZdHj2PF0ahGQDGgvSEDBCF7Yk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88ff1845cc94a87f-RIX
alt-svc: h3=":443"; ma=86400
content-length: 40351

GET
H2 200 0_W_slider-5.jpg
dewi368.mstenergy.xyz/ 304 KB
304 KB 1654ms
1653ms Image
image/jpeg 172.67.172.48
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dewi368.mstenergy.xyz/0_W_slider-5.jpg
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.172.48 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ed30c846d58a68884e549ea69a8826034ab1d034874f4211454b9e34fed6ef7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:04 GMT
cf-cache-status: MISS
last-modified: Tue, 30 Apr 2024 23:57:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=frL%2FrDS6zlVdtjNkl90zlHK8fAcsJjqO%2F5ON7LBZzM3pvW6rjjfwD4QRXtoBOlbX5z9%2BEr7rWpZgZV5iaR0JbzX9BKdJE%2B0Js3m8n1VTqY3fCkzVy4voOwF7Ac%2BrBT%2F7%2FoB59%2F6NooQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 88ff1845cc98a87f-RIX
alt-svc: h3=":443"; ma=86400
content-length: 311073

GET
H2 200 css2
fonts.googleapis.com/ 1 KB
859 B 430ms
171ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rubik+Mono+One&display=swap

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f10.1e100.net

Software

ESF /

Resource Hash

3936eeba9a43265b4a8231e235e20ccf1462bd79e86b918b9da41c9fac30cdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 07:58:03 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 07:58:03 GMT

GET
H3 200 202401221335290000000e2d0f9467GGGAAAT__484x155.gif
files.sitestatic.net/progressive_img/ 181 KB
182 KB 3753ms
3752ms Image
image/gif 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/progressive_img/202401221335290000000e2d0f9467GGGAAAT__484x155.gif
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 74245c6e47902cbf49e7f703dfac18571e957f638ecd8c07b15c1a7bc6b484f9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:04 GMT
x-amz-version-id: e_LBZbKXy_o.D4Sns1FYRt_1avXN6jYY
cf-cache-status: MISS
x-amz-request-id: 0R94DZN3FKBRPHEE
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 185504
x-amz-id-2: fDGH45bs+UrR3g+cW0PV82KN8sTnCUGQvPffqrb9Xou0Q0YKB3QaOhEl/xEg0sFRGisPJawUFas=
last-modified: Mon, 22 Jan 2024 05:35:30 GMT
server: cloudflare
etag: "4e79d82f2be598b87a076009aba01ee6"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18479c753768-HEL
expires: Sat, 07 Jun 2025 07:58:04 GMT

GET
H3 200 Maneki_Neko.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 19 KB
20 KB 93ms
93ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Maneki_Neko.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70780a7c65b77d6d22afe34711fd6571bdaff21596575801b9459f4f2db9855c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: eZ.TWEy8Ec2ecekPKEkKj_TeO3SBPC1X
cf-cache-status: HIT
x-amz-request-id: G3H9CZ3GVFKNA8E1
age: 6021
cf-polished: origFmt=png, origSize=22441
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Maneki_Neko.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19904
x-amz-id-2: UVrsE7BwTgcY2gZc89iZKSDUi2YS0Gr+FAQmRUlBkztQTvl6ifhsTOhV3F+jjpzGh8KeefQdRDKU4HPKWTuOJw==
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Apr 2024 10:53:08 GMT
server: cloudflare
etag: "650487dbd3efbb6cd1a3da6c1727cee2"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18479c763768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Mahjong_Ways_Two.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 21 KB
22 KB 103ms
102ms Image
image/png 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Mahjong_Ways_Two.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96a5e5a540a4dfbcd282bfbb91f69ddd72f7209719b7c11d0af648a5102d79da

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: x3JiK5B5fnGWCbLzlBqUhHUvBezzEkNG
cf-cache-status: HIT
x-amz-request-id: 84KSYGM2BQE1WJZ0
age: 507
cf-polished: origSize=22530, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 21781
x-amz-id-2: hnCBYdSRPYXX3Rx62w8Si3tSb8WEn9lMR06+n9lrx4W8fBSgqS1T9QxDi+d8WhViXh+g/Lpo6Mc=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:46 GMT
server: cloudflare
etag: "bc01167bfc2cc3da649f2676848db923"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18479c773768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Gates_Of_Olympus.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 20 KB
21 KB 112ms
112ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Gates_Of_Olympus.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c783ae9a7961fcafdda9d2c0ea62c73fadc4811f06a4ffc08f7e654bb83cf472

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: S4GR9uNWr.zKiF_6y5R8PTHxR5Zee5w9
cf-cache-status: HIT
x-amz-request-id: ZHDPJVD6X9KAP2JV
cf-polished: origFmt=png, origSize=21732
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Gates_Of_Olympus.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20610
x-amz-id-2: 9moa9FCNO6dapVZKBQ6jxbF/RCaxf+AZcMOtvQCAq+yxpqvy+tfcy3eicTHh4PNSLZpE09Oo/SM=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:41 GMT
server: cloudflare
etag: "2ca81042859e7e09bec1de01b6f2a352"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff1847cc863768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Starlight_Princess.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 18 KB
19 KB 76ms
75ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Starlight_Princess.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b3b723285deec88d88deb08bf651d1a66959b60959785fe07d4e2888de9998

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: biiVY1BNQEW0ox8XUT4b3LEGy45XJ370
cf-cache-status: HIT
x-amz-request-id: 0B95HKD44VQWSRM8
age: 511
cf-polished: origFmt=png, origSize=19891
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Starlight_Princess.webp"
alt-svc: h3=":443"; ma=86400
content-length: 18698
x-amz-id-2: BOxpEJoL3XcKE8vakEDaldI79gMdCZsZYaHzpFW0zJKV+l5R5xhKB1Ov8XkBHy3kZ5Vned3fUjE=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:49 GMT
server: cloudflare
etag: "c0ebcad0fb5984762cc644bb6c4d1f07"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483ccb3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Mahjong_Ways.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 19 KB
19 KB 78ms
75ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Mahjong_Ways.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f73ac99c08fabbedde5cae860087d7d16d9e6ab85863f83b6dd89e2a934012af

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: In6gxRZ8b6PnTDNXDu.JBO90nm15oeCZ
cf-cache-status: HIT
x-amz-request-id: 65CZJT60EDA0Q202
age: 514747
cf-polished: origFmt=png, origSize=20153
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Mahjong_Ways.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19252
x-amz-id-2: AtdecH0YiWO17OCCp6DUaUuC9nvxBk4QrVTR2iSHEVvTRXzwKF4EFaLQCo6lWW9rY2hpCk+Rp9fmEoHFnSGwYA==
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:45 GMT
server: cloudflare
etag: "b971c6792f68d486371df509ad3c0661"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483ccc3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Sweet_Bonanza.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 16 KB
17 KB 83ms
81ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Sweet_Bonanza.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb2b812df04aa12e2f598c4847c516b077a0249ff62e84951c94fd9b22f31b1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: 0YrO38l4D.o9DfeiC.D7BmkxiULY_Aw5
cf-cache-status: HIT
x-amz-request-id: E5DKRBW3G29F8N65
age: 36701
cf-polished: origFmt=png, origSize=17058
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Sweet_Bonanza.webp"
alt-svc: h3=":443"; ma=86400
content-length: 16686
x-amz-id-2: +OwQ9Pk1fu5x3BARxwyCaBIRIY0+z1x5EZ9s2Uisz0P/ejmHf09te6uH9e7niU5nGRveyv+7Kq/nH9EYSzsqvg==
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:52 GMT
server: cloudflare
etag: "6cc91fa9659038c1b7d61d9e8794bb80"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483ccd3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Gates_Of_Olympus_1000.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 59 KB
60 KB 81ms
78ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Gates_Of_Olympus_1000.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26936934bd1611d66d3c77d318d16af4e067d6b45ed70f9d914c2870949df658

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: rP_jiNr3X7lkNOVoyNTwov0IZw2fozDU
cf-cache-status: HIT
x-amz-request-id: 2T1HFYZ2P7DA2PDP
age: 511
cf-polished: origFmt=png, origSize=74738
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Gates_Of_Olympus_1000.webp"
alt-svc: h3=":443"; ma=86400
content-length: 60708
x-amz-id-2: ginSLZ86tUl4AJyJsKRjM8Des/FnIWhsG78Tgku4uXrECBdsD4d6oWM6MlduverE5oNT2SEgOHPbrwfgH7fp1Q==
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Jan 2024 12:52:59 GMT
server: cloudflare
etag: "62ef81bab5264926d8f2068140cd80e4"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483cce3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Lucky_Neko.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 18 KB
18 KB 126ms
124ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Lucky_Neko.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e458b6398b0f729b96a4c6134d5d11857f65832b5f66acabe27e7a9ff2d5e10

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: pv76Enwz6LhszHxkVHUvGUms0dWzDTms
cf-cache-status: HIT
x-amz-request-id: HA2RG0C60WZ1QTK2
age: 507
cf-polished: origFmt=png, origSize=19347
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Lucky_Neko.webp"
alt-svc: h3=":443"; ma=86400
content-length: 18078
x-amz-id-2: 4gmRkEDmdOXd4dQYh9vXWklSXJbZrfA2P9wx/7EyKYI4I8bgLMM7+48REAXLigBCS83BZFcY5QQ=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:43 GMT
server: cloudflare
etag: "026aede0e800879a5cd791409692b598"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483ccf3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Neko_Riches.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 17 KB
17 KB 129ms
126ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Neko_Riches.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8a2f63033d659ab070c5fe3391e27c2e59ee90024dd48451f72ff4ff63ecbd9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: G0.VTw5pykVmnpYd56sVm3_eZFvYRSpx
cf-cache-status: HIT
x-amz-request-id: 1RKE4B5AA7MASZHV
age: 511
cf-polished: origFmt=png, origSize=17957
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Neko_Riches.webp"
alt-svc: h3=":443"; ma=86400
content-length: 17126
x-amz-id-2: Aums64ulj2ywvqPnTeoKj6AhWWoyi9f9UOqmmjFL9lKqV1RlPZ/uX/V3UxE7r6fLas8EEgI4Ek8=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:48 GMT
server: cloudflare
etag: "f764de80b2bfc14a2448a6b132d1ba7d"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483cd03768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Wild_Bandito.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 18 KB
19 KB 129ms
127ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Wild_Bandito.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c58c101cc884efde178a3043489874d9f58bce38e1b6a6795ef8065abbf48f6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: bmBHQZ8z_J8SYtVcGWBxtmi9_xkPg73Q
cf-cache-status: HIT
x-amz-request-id: 2T1GPSEG1TX93WJA
age: 479
cf-polished: origFmt=png, origSize=19636
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Wild_Bandito.webp"
alt-svc: h3=":443"; ma=86400
content-length: 18740
x-amz-id-2: c61o3ff7aVDTc1jNLcyOqnbA26+rJvnqNRHYs6ysUrsJjat5B1LtJ7vUpiM/wkjNeTdwTgNhcc6cx6/8BN9lcA==
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:57 GMT
server: cloudflare
etag: "911838672d75d53326341e56fb1ad30d"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483cd13768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Starlight_Princess_1000.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 20 KB
20 KB 167ms
165ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Starlight_Princess_1000.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51ecb52b412444d5649e7cb8e2dbceb134216bae4a3126f90e87e2a39223c48e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: EBH7_w39F0Bzgds7kbimj7W80jT3Swhx
cf-cache-status: HIT
x-amz-request-id: 6BK0BRD1FN5S1PHN
age: 208105
cf-polished: origFmt=png, origSize=21375
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Starlight_Princess_1000.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20054
x-amz-id-2: gL5g7SgVkV6Bi1fmLoETQ3ThIzDuOT9UB4pWqnqFSFAs8nd4uVeKbG30VmXKa+/i5W0AL/WFCz8=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:51 GMT
server: cloudflare
etag: "21e420b9e0210a1662aed8aabb769d60"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483cd23768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 4DShanghai_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 13 KB
14 KB 3673ms
3672ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/hkgp_game_logos/4DShanghai_b.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4258325d0e652bee5432a0d18b3b1d596659b03f5a86f0636565e78ad16f0a3f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20210922T050800Z
date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: cRlmi4s8wMCueUkoYWKeggdETM4usH5h
cf-cache-status: HIT
x-amz-request-id: CKYQSA41Y3EHA3VQ
cf-polished: origFmt=png, origSize=20831
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 7b537a9e0dc92ecbe35d74c61565c865fd3f8eb4158a7c1a5ae63431a6324410
content-disposition: inline; filename="4DShanghai_b.webp"
alt-svc: h3=":443"; ma=86400
content-length: 13496
x-amz-id-2: MwG1Tx1YeF00ms3mbahi0l8yAuixL9K/YMgZ5nm6jKcDgRl5w70VnzM16Ve8ihQHGCqykdPfvjg=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Sep 2021 05:16:18 GMT
server: cloudflare
etag: "246e01762054b8d6f9739adb05545018"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d283768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 toto_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 12 KB
12 KB 3707ms
3705ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/hkgp_game_logos/toto_b.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f018b8a0bda4f9ecf744ff4816799ca811d7fb0bb4e391f16612b6ad641c4d5f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20210922T050149Z
date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: P753lleux34qcZIwp2K4VVYHiHlnT.Er
cf-cache-status: HIT
x-amz-request-id: WTQR2T8JMMEB4JKM
cf-polished: origFmt=png, origSize=17733
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 2db954930c796037a605d34adffd198beec535c530303cebc79d9bdedf5f1df8
content-disposition: inline; filename="toto_b.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12116
x-amz-id-2: 1eEPIsSzXmoYr2JuVEhsgvB33hSUKK7G40n2xRkZ7vbtgN5+aFABj7cRVsHiPjt4aDoYvFANhB4=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Sep 2021 05:16:19 GMT
server: cloudflare
etag: "35aded89a44dc59b8d67c1dc2cd6c126"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d2c3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 pool_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 14 KB
15 KB 3721ms
3718ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/hkgp_game_logos/pool_b.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 16c6e52bde4cc463f31ed65f80f376b8c58a223f75b4bc3338d9d3b54d3431a4

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20210922T050455Z
date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: 55QMxsusrtDd9NXqFXdHZPJ1UDEV7Wfq
cf-cache-status: HIT
x-amz-request-id: AHGW0V8NEED92BA2
age: 287931
cf-polished: origFmt=png, origSize=22113
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: a3918ee135aa18682d95357bcbf2ba1c10fdc135ee3abf372ce12e5cd70c4069
content-disposition: inline; filename="pool_b.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14640
x-amz-id-2: JMXo5DvJphbRw3dR1OPbh4slcvsp0W7Zyne1oZyWCJzNFzvGBjGS79OzgScERANko1zb/B49Of4=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Sep 2021 05:16:19 GMT
server: cloudflare
etag: "031331cbf5f8550904b9ba00229c715b"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d2d3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 king4D_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 11 KB
12 KB 3734ms
3732ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/hkgp_game_logos/king4D_b.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3043faabfc9ef8064fceef7f739ce3346b98579cabcf518a9197f7d124292fc

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20210922T051448Z
date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: HIs3pdprzJuXRnkeHlPIZSluw.r8t2rO
cf-cache-status: HIT
x-amz-request-id: CKYHGGM7HY4F33B3
age: 287931
cf-polished: origFmt=png, origSize=18340
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 37bfe8eb57cd9c5dc556cdb3662198849f7c638b6223fa7ec660e6375b767333
content-disposition: inline; filename="king4D_b.webp"
alt-svc: h3=":443"; ma=86400
content-length: 11598
x-amz-id-2: yZ6nXI255RfVytq+EQUdRj5L/9uI7PZyHot9q9TG093wwJqkmPO/lIU3cqQzBIjwUcJJUcTkxgk=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Sep 2021 05:16:18 GMT
server: cloudflare
etag: "1f0b84960a0b799d0c9e88ba4c472d7f"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d2e3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 HKGrand_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 13 KB
14 KB 3745ms
3743ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/hkgp_game_logos/HKGrand_b.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f80cdbf4cc504bcc47aa3fa33c4729dbe72e4df21e5610e4b3a15cfdb19d988

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20210922T050936Z
date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: 7wXd10smtwOxpDe9nqlnMnJOEyiOdjuX
cf-cache-status: HIT
x-amz-request-id: JG8GG5HC012K13B1
cf-polished: origFmt=png, origSize=21303
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 71f72f2b2e6d7ea0ed575c6497efdd103f37f814eecc634fefb6af781cda273e
content-disposition: inline; filename="HKGrand_b.webp"
alt-svc: h3=":443"; ma=86400
content-length: 13584
x-amz-id-2: T8Gf8E93113sJtilsAltlCqUvHHELXN8zfVZLXqG12ZhpvV24nxf5tGfqJ9mld3/2IOiBp7ZY+s=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Sep 2021 05:16:18 GMT
server: cloudflare
etag: "f3a6b7700940af0420845d154f36fa1e"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d2f3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 amazon_b.png
files.sitestatic.net/assets/imgs/hkgp_game_logos/ 14 KB
15 KB 3755ms
3753ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/hkgp_game_logos/amazon_b.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e7ddb9b51c5a2d9a773bdf1f50364aa809b41a3d0fa947fc485e2480647ad59c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20210922T051244Z
date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: 6VlmMuxQEQdG.vgAZco8lMzK_ragurOE
cf-cache-status: HIT
x-amz-request-id: AHGKT3QGCY7R4A8Y
age: 287931
cf-polished: origFmt=png, origSize=22771
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 86c21bf694873e0a95347027bbf7327bb122e14542500ed93759cd19f67093d5
content-disposition: inline; filename="amazon_b.webp"
alt-svc: h3=":443"; ma=86400
content-length: 14596
x-amz-id-2: m5YYP8e/O7HFsM8ouW0WB0ujTl22HoKj6Fab/JoWWv2ECU/q+eNbJn6YQMuBEhycYzWSapky9hE=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Sep 2021 05:16:18 GMT
server: cloudflare
etag: "ed48fd95fe064232d6273d069139d854"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d303768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 user.png
files.sitestatic.net/assets/imgs/gigagaming/ 886 B
1 KB 3770ms
3769ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/gigagaming/user.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fbf85a9cb3dd8d9b9cee3a1014e3caf54e5c48db130732840ba7733af1a01ec

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20220715T092448Z
date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: BwLSKBdxhm3alFCnHjnbK_.lWXakwovR
cf-cache-status: HIT
x-amz-request-id: YN69FD3ANA4JV71W
age: 36701
cf-polished: origFmt=png, origSize=1402
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 82e9ec0c6df65415904210f107561a4ff1df6bf3233739d4fce8275bdc902198
content-disposition: inline; filename="user.webp"
alt-svc: h3=":443"; ma=86400
content-length: 886
x-amz-id-2: fMgxlrQxGqpA+VUPidszqr0FcPkTZxEOekFSqnb0hDapUK9ReE32UzHTGB8jBbRaxl/xMOtjsBU=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 15 Jul 2022 09:31:11 GMT
server: cloudflare
etag: "2e5275e8574c38ec016d594a9d719118"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d313768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 cash.png
files.sitestatic.net/assets/imgs/gigagaming/ 1 KB
2 KB 3771ms
3769ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/gigagaming/cash.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 891b06c855b5a66c0fcb5007d609e4c3a81f0cee98ffad8835ab8e98521b95c5

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20220715T092704Z
date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: 87yPaoADlDjPrBkkch0QViK2kXzJ4itT
cf-cache-status: HIT
x-amz-request-id: EY22WX0ZEY5TK18R
age: 36701
cf-polished: origFmt=png, origSize=2268
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: ae2181f834c42eb2382906275ae1192f39f57ea4f94bd318e916ffcf4f6571ba
content-disposition: inline; filename="cash.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1304
x-amz-id-2: cVCfnZYvoYzxupQjANtuT6eYjvZYK59/9/hOunmIYwB4kZWBa+4bL1o4DQ6wTulGxncOg1LaLnV3MiKL8/93tQ==
cf-bgj: imgq:85,h2pri
last-modified: Fri, 15 Jul 2022 09:31:11 GMT
server: cloudflare
etag: "774f301c1313f3fd760fc75d4a921ee6"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d323768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 online.png
files.sitestatic.net/assets/imgs/gigagaming/ 1 KB
2 KB 3771ms
3769ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/gigagaming/online.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdc9c3093d1d005ecb2f9bb322d8defba8bec58f505708e4d508335fa1fd87ef

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20220715T092624Z
date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: MW8EsZ__bFok98kkyCTjnHrto1TFEWEY
cf-cache-status: HIT
x-amz-request-id: Y05R5X95AAC7JV2C
age: 514747
cf-polished: origFmt=png, origSize=1943
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 4601c973464ccad30f025ba2eb8f524c55917ec84eb93bbd6aa6768a65e88428
content-disposition: inline; filename="online.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1244
x-amz-id-2: NqWNN1HBfMkTOl65uUKzJgdsbY01o0meAkWTMz6x36ZW6o0V9NETsab2ErGpHL8aJTLYk9hPKLE71rm9ng1ycA==
cf-bgj: imgq:85,h2pri
last-modified: Fri, 15 Jul 2022 09:31:11 GMT
server: cloudflare
etag: "0058dcbac59d5e17685880e45d2e57a8"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d333768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 bank_col.jpg
files.sitestatic.net/sprites/bank_logos/ 2 KB
2 KB 3771ms
3770ms Image
image/jpeg 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/sprites/bank_logos/bank_col.jpg?v=3
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: af9a42baeabb75eb4eeb81d111196c4d5b129288f195c9ea8ab17b7344a29152

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: mf8_Ntbd6wMRnXvDqml_sFaja__VLggA
cf-cache-status: HIT
x-amz-request-id: 1Q85WW1ZDHJ8B05P
age: 65612
cf-polished: status=not_needed
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 1726
x-amz-id-2: qe1oig5JoH85S676Dt+GmL4FlCJ3wy2xWVRMEqsoQX7TL2E1Ar1cXEAk9dOvGo0QMkf5R/MMmM8=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Dec 2023 04:25:54 GMT
server: cloudflare
etag: "af9df6537ae2ed0ce71c27996899b8d4"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d353768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 ewallet_col.jpg
files.sitestatic.net/sprites/bank_logos/ 1 KB
2 KB 3772ms
3771ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/sprites/bank_logos/ewallet_col.jpg?v=3
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b1bc6ddf81b9212855c94157645c93be27c8380737f4ee22502220e2f57822d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: YbJ8yC.ozANJQ2DTvJ_FOng9bCXoTnCd
cf-cache-status: HIT
x-amz-request-id: RG3GZHABC88FZ9JS
age: 10161
cf-polished: qual=85, origFmt=jpeg, origSize=1410
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="ewallet_col.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1230
x-amz-id-2: hUoRR7O2H6pf0fSNZI2XUpQrNcK2nO/AAjhFj86zXRJoU2yUuzAtX2voPIK5Otl8cSKxooVuEY6b2CbRIZ6x8g==
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Dec 2023 04:25:55 GMT
server: cloudflare
etag: "a8fff466cb41638b9ec8809d201661da"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d363768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 pulsa_col.jpg
files.sitestatic.net/sprites/bank_logos/ 1 KB
2 KB 3773ms
3772ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/sprites/bank_logos/pulsa_col.jpg?v=3
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 230d6bc167e2bd82773b97c8a50ff08481d6006f1c4ecc547403cd5ae2e9b969

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: xhl01QGXRGhxbTKEa24j63rnPkNYvNt4
cf-cache-status: HIT
x-amz-request-id: P1B1P6CQAF1F3KGJ
age: 225212
cf-polished: qual=85, origFmt=jpeg, origSize=1239
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="pulsa_col.webp"
alt-svc: h3=":443"; ma=86400
content-length: 1094
x-amz-id-2: 8IvjbQoq48gSO55ymVXkidOlsB+eGRi/BKV3rJzq4jsRB0On0ou6hyt0NXn0xiyUqMM0ox7txZ0=
cf-bgj: imgq:85,h2pri
last-modified: Fri, 01 Dec 2023 04:25:54 GMT
server: cloudflare
etag: "de6e906389c16211ca3beeba325e530d"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18492d373768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H2

200

removed.png
i.imgur.com/
Redirect Chain

https://i.imgur.com/UWeWqPV.gif
https://i.imgur.com/removed.png

503 B
0

0ms
0ms

Image
image/png

199.232.196.193
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.imgur.com/removed.png

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Server

199.232.196.193 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

cat factory 1.0 /

Resource Hash

9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://dewi368.mstenergy.xyz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-content-type-options: nosniff
age: 8021844
x-cache: HIT, HIT
content-length: 503
x-served-by: cache-bwi5167-BWI, cache-hel1410030-HEL
last-modified: Wed, 14 May 2014 05:44:36 GMT
server: cat factory 1.0
x-timer: S1717747083.394785,VS0,VE0
etag: "d835884373f4d6c8f24742ceabe74946"
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-cache-hits: 1, 567380

Redirect headers

x-cache-hits: 0, 0
date: Fri, 07 Jun 2024 07:58:03 GMT
strict-transport-security: max-age=300
server: cat factory 1.0
age: 0
x-timer: S1717747084.770621,VS0,VE179
x-cache: HIT, MISS
access-control-allow-methods: GET, OPTIONS
location: https://i.imgur.com/removed.png
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-iad-kjyo7100050-IAD, cache-hel1410030-HEL

GET
H2 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtzpbCIPrE.woff2
fonts.gstatic.com/s/raleway/v34/ 21 KB
22 KB 1569ms
214ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVtzpbCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway:900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

3689e0482573b519c0e70686b17303b5439d7f931ef6b226f799f075aab39e00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://dewi368.mstenergy.xyz
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:17:54 GMT
x-content-type-options: nosniff
age: 236411
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21904
x-xss-protection: 0
last-modified: Wed, 01 May 2024 20:31:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:17:54 GMT

OPTIONS
H2 204 merchant_active
qris.otomatis.vip/api/ 0
0 4003ms
2548ms Preflight 172.67.69.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qris.otomatis.vip/api/merchant_active
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dewi368.mstenergy.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://dewi368.mstenergy.xyz
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 88ff1852bb7c8d73-HEL
date: Fri, 07 Jun 2024 07:58:07 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fsj3YBmVU4fN5u3p5%2BaCWTiTki5D65LEGAEvLqi1tpyR6C%2Beu860rzZw8SZVziVrSN4zRKiU1FNCDEyd7KwSfsBJGqTFh%2FcCgtDqJrgmFnWpi%2BYje%2FM3NbkSc5GFuQdUgEd5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin, Access-Control-Request-Headers
x-powered-by: Express

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 219 KB
59 KB 1602ms
210ms Script
application/x-javascript 157.240.247.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams2.fbcdn.net

Software

Resource Hash

83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Jun 2024 07:58:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57975
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=12, mss=1392, tbw=2783, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: iY81GGqbsZo4Po88FSQUYKNcU/IAnIkQyWQ+1g1RfM2U1eezkqeU3J9Ty8u7+sMhzztsBzEkjCyaYL3k1h31lA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK events.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/ 10 KB
5 KB 1846ms
391ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=567155347929432085&lib=kwaiq
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 164.5.255.112
Date: Mon, 03 Jun 2024 09:07:34 GMT
Content-Encoding: gzip
x-oss-request-id: 665D87D5E410DC35323AB3FF
X-Cache-Lookup: Cache Hit
Content-MD5: xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign: NULL
Connection: keep-alive
Content-Length: 3744
X-Ks-Request-ID: 4370233189050521055
X-Ks-Cache: Hit from 43.152.26.104
x-oss-object-type: Normal
Last-Modified: Mon, 27 May 2024 02:52:15 GMT
Server: Lego Server
Etag: "C5DC8475F5AE240BD1474B4467D9E7D8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 4370233189050521055
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 13562747518461854989
x-oss-server-time: 179
Expires: Wed, 03 Jul 2024 09:07:34 GMT

GET
H/1.1 200
OK events.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/ 10 KB
5 KB 1846ms
391ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=579857628894334997&lib=kwaiq
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 164.5.255.112
Date: Mon, 03 Jun 2024 09:07:34 GMT
Content-Encoding: gzip
x-oss-request-id: 665D87D5E410DC35323AB3FF
X-Cache-Lookup: Cache Hit
Content-MD5: xdyEdfWuJAvRR0tEZ9nn2A==
kwaisign: NULL
Connection: keep-alive
Content-Length: 3744
X-Ks-Request-ID: 13845058506857666815
X-Ks-Cache: Hit from 43.152.26.104
x-oss-object-type: Normal
Last-Modified: Mon, 27 May 2024 02:52:15 GMT
Server: Lego Server
Etag: "C5DC8475F5AE240BD1474B4467D9E7D8"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 13845058506857666815
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 13562747518461854989
x-oss-server-time: 179
Expires: Wed, 03 Jul 2024 09:07:34 GMT

POST
H2 200 merchant_active Show response
qris.otomatis.vip/api/ 68 B
452 B 428ms
427ms Fetch
application/json 172.67.69.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qris.otomatis.vip/api/merchant_active
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.69.226 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: cfc71a003148530cab6faceebfeeff722dd0c8805476b44a71eb74004a811bd1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application.json
Referer: https://dewi368.mstenergy.xyz/
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:08 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: Express
etag: W/"44-VQIPgLtuHZgtwdJsCodMGA3LTI8"
vary: Accept-Encoding, Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pddBMIlJ%2BqO%2F8BtX0B32UARV1%2F9jiFl4QzUU8TjtukZA3acNvaxAEJlm8ZbTPExNYTI%2BYGRls2Af6lDP4NMSfzf8Ei8k33bXcirN6DDsnLRlR9Jiyk%2F4atZ2e5rdDRnvgfQg"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://dewi368.mstenergy.xyz
access-control-allow-credentials: true
cf-ray: 88ff1862af688d73-HEL
alt-svc: h3=":443"; ma=86400

GET style.min.css
www.dewi188os.com/fonts/ugsubskin/icomoon/ 0
0

GET log_html5.png
www.dewi188os.com/assets/images/ 0
0

GET btn_playnow.png
www.dewi188os.com/assets/images/ 0
0

GET
H3 200 jquery.validate.min.js Show response
cdn.sitestatic.net/assets/jquery-validation/ 24 KB
8 KB 3687ms
3686ms Script
application/javascript 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitestatic.net/assets/jquery-validation/jquery.validate.min.js
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: XM5M6A7P8AST8W3G
age: 99857
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: UrOW7Shr4znNqtDH7Hnud9Qn4Aj3ONufAyRQ7Xln11eT3l44ROhVqDXR5KhooWqyN1QobuKJTZw=
last-modified: Sat, 29 Jul 2023 04:41:22 GMT
server: cloudflare
etag: W/"5861a036c2de6c2df26749fe41d57605"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 88ff1849bd743768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 additional-methods.min.js Show response
cdn.sitestatic.net/assets/jquery-validation/ 22 KB
7 KB 3702ms
3701ms Script
application/javascript 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitestatic.net/assets/jquery-validation/additional-methods.min.js
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: VCHM3Q1TS6NSV6AD
age: 119541
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: SfGhHHH4lB2ll+dWP04Lna2hdrhA1+uCxG1KJ1xBaphmvhQXRt/1FJNMJ7X+g+K2hAwQl+OGO3Y=
last-modified: Sat, 29 Jul 2023 04:41:22 GMT
server: cloudflare
etag: W/"48babc4e826404ef8b8ca5bad48fc133"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 88ff1849bd753768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 jquery.fancybox.min.css
cdn.sitestatic.net/assets/fancybox/ 12 KB
3 KB 3703ms
3702ms Stylesheet
text/css 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitestatic.net/assets/fancybox/jquery.fancybox.min.css
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Q098RMCVAP9NP93N
age: 99857
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 6f6EEqxI4PAD6jBLmiuf8hybRjOwhuYZhZHnXMh5kuJHVdAZY2lvW1qzxREf20nL3fjNCvS8CnI=
last-modified: Sat, 29 Jul 2023 04:41:22 GMT
server: cloudflare
etag: W/"a2d42584292f64c5827e8b67b1b38726"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 88ff1849bd763768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 jquery.fancybox.min.js Show response
cdn.sitestatic.net/assets/fancybox/ 67 KB
22 KB 3703ms
3702ms Script
application/javascript 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitestatic.net/assets/fancybox/jquery.fancybox.min.js
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: XM5GHB2H1DFF2MJJ
age: 119541
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Ja+1dnrhgwHrmM8i16v/R8hzQOApyz3Ud31+ZC0tJCj9oAJnKs45q9afmTNyi6DFVzrJ0Q1n6/c=
last-modified: Sat, 29 Jul 2023 04:41:22 GMT
server: cloudflare
etag: W/"49a6b4d019a934bcf83f0c397eba82d8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 88ff1849bd783768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET app-mobile.js
www.dewi188os.com/js/ugsports/ 0
0

POST
H2 200 getGrayInfo Show response
ads.mythad.com/rest/n/adintl/gray/ 268 B
389 B 1073ms
279ms XHR
application/json 184.86.251.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=567155347929432085&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-197.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2e9ef055ccdb65c84c4014ae2deb521864abbab31d366288d4c3f2161b188b5a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://dewi368.mstenergy.xyz
date: Fri, 07 Jun 2024 07:58:07 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 238
vary: Accept-Encoding
content-type: application/json;charset=UTF-8

OPTIONS
H2 200 getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ 0
0 902ms
296ms Preflight 184.86.251.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-197.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dewi368.mstenergy.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://dewi368.mstenergy.xyz
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 07 Jun 2024 07:58:06 GMT

POST
H2 200 getGrayInfo Show response
ads.mythad.com/rest/n/adintl/gray/ 268 B
478 B 1083ms
275ms XHR
application/json 184.86.251.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=579857628894334997&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-197.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5eb4f365392046cd80159aa9f9e990af7c371b6be42dcac35f7ae5202ec63745

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json

Response headers

date: Fri, 07 Jun 2024 07:58:07 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://dewi368.mstenergy.xyz
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 238

OPTIONS
H2 200 getGrayInfo
ads.mythad.com/rest/n/adintl/gray/ 0
0 885ms
282ms Preflight 184.86.251.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/gray/getGrayInfo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-197.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dewi368.mstenergy.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://dewi368.mstenergy.xyz
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 0
date: Fri, 07 Jun 2024 07:58:06 GMT

GET
H2 200 326221803187753 Show response
connect.facebook.net/signals/config/ 66 KB
14 KB 217ms
215ms Script
application/x-javascript 157.240.247.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/326221803187753?v=2.9.157&r=stable&domain=dewi368.mstenergy.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams2.fbcdn.net

Software

Resource Hash

b9f3c72c2b1ac604278d76d9d0a6069817842fccf2c84b4988c209bb7f6900dc

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Jun 2024 07:58:05 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=61, mss=1392, tbw=63494, tp=-1, tpl=-1, uplat=123, ullat=0
pragma: public
x-fb-debug: l2JM2FuMa1Au9QTwC2PAHq5G5eiPHEsU4krZ7WtxZszhDGHDXacCyTU7Qc11YCbyIhgVQlTrca9cggaFU948IA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 911758476995311 Show response
connect.facebook.net/signals/config/ 24 KB
3 KB 229ms
227ms Script
application/x-javascript 157.240.247.8
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/911758476995311?v=2.9.157&r=stable&domain=dewi368.mstenergy.xyz&hme=446fb981c8c3baeb03730fe3cbd404f7f15f64c693f24c7fe75da498bc2c95d8&ex_m=67%2C113%2C100%2C104%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C160%2C163%2C174%2C170%2C171%2C173%2C28%2C94%2C50%2C73%2C172%2C155%2C158%2C167%2C168%2C175%2C122%2C14%2C48%2C180%2C179%2C124%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C101%2C103%2C37%2C102%2C29%2C25%2C156%2C159%2C131%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C98%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C99%2C43%2C75%2C65%2C105%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C106%2C186%2C185%2C187%2C192%2C193%2C194%2C190%2C182%2C123%2C125%2C152%2C181%2C183%2C114%2C146%2C136%2C140%2C176%2C120%2C218%2C107%2C118%2C219%2C154%2C111%2C134%2C127%2C115

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.247.8 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-ams2.fbcdn.net

Software

Resource Hash

16f5b6b3f05832ec5c501b053858f0c44db2175e8af1b55d51d39d3df5752f4a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 07 Jun 2024 07:58:06 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: GOOD; q=0.7, rtt=50, rtx=0, c=75, mss=1392, tbw=77833, tp=-1, tpl=-1, uplat=131, ullat=0
pragma: public
x-fb-debug: FIgT/wcnIO6U3jlq3R+Cc6Hthakm0f9TvFe/NHPJ2xenJCJhqRyDCSzKdYXZ5kf9se/n4tZxQVIGO4IulSmZUA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
274 B 670ms
95ms Image
text/plain 157.240.247.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=326221803187753&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717747085931&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717747085929.181725812777769271&cs_est=true&ler=other&cdl=API_unavailable&it=1717747085681&coo=false&rqm=GET

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.247.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-ams2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1392, tbw=2851, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Jun 2024 07:58:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 853ms
279ms Image
image/png 157.240.247.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=326221803187753&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717747085931&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717747085929.181725812777769271&cs_est=true&ler=other&cdl=API_unavailable&it=1717747085681&coo=false&rqm=FGET

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.247.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-ams2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x0715a00f99954051","source_keys":["1","2"]},{"key_piece":"0x922e6c8a0ffb8bd7","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 07 Jun 2024 07:58:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1392, tbw=3295, tp=-1, tpl=-1, uplat=180, ullat=0
pragma: no-cache
x-fb-debug: 0Gs7j1CJT6VyzQ9ZEVxAVIeWBYD0KlRN9B/9jgehOnXWWyifBX1Ah5FTBFDZ5FEty2Jx+5XqHbUGtgFWhWRbdg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
103 B 434ms
95ms Image
text/plain 157.240.247.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=911758476995311&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717747086168&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717747085929.181725812777769271&cs_est=true&ler=other&cdl=API_unavailable&it=1717747085681&coo=false&rqm=GET

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.247.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-ams2.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=37, rtx=0, c=10, mss=1392, tbw=2851, tp=-1, tpl=-1, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 07 Jun 2024 07:58:06 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
472 B 619ms
281ms Image
image/png 157.240.247.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=911758476995311&ev=PageView&dl=https%3A%2F%2Fdewi368.mstenergy.xyz%2F&rl=https%3A%2F%2Fa.pokebob.online%2F&if=false&ts=1717747086168&sw=1600&sh=1200&v=2.9.157&r=stable&ec=0&o=4126&fbp=fb.1.1717747085929.181725812777769271&cs_est=true&ler=other&cdl=API_unavailable&it=1717747085681&coo=false&rqm=FGET

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

157.240.247.35 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-01-ams2.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x038871a8d0258221","source_keys":["1","2"]},{"key_piece":"0xcafa1f4808356c42","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 07 Jun 2024 07:58:06 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=42, rtx=0, c=10, mss=1392, tbw=6459, tp=-1, tpl=-1, uplat=182, ullat=0
pragma: no-cache
x-fb-debug: pOLGjmzKEt5eH/gs0CEZWAaoemGCeyfpDxsUD1WrA4NJdsP1skyeyTOdFsTXNIebdYTEcgjyFR40TidY1/8qhw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK core.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 285 KB
76 KB 96ms
95ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=567155347929432085&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 17a08ca949b6aafa43a8cd1490fd52174a7c697bd5f8d4aa46036f89c36e2a43

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 164.5.255.112
Date: Wed, 05 Jun 2024 02:18:24 GMT
Content-Encoding: gzip
x-oss-request-id: 665FCAF0ADA096373074FD63
X-Cache-Lookup: Cache Hit
Content-MD5: 7P9nfeyJxYxyrA2r6d0ebw==
kwaisign: NULL
Connection: keep-alive
Content-Length: 76866
X-Ks-Request-ID: 15144616904007496379
X-Ks-Cache: Hit from 43.152.26.104
x-oss-object-type: Normal
Last-Modified: Tue, 28 May 2024 09:04:08 GMT
Server: Lego Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 15144616904007496379
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 7425553369367326137
x-oss-server-time: 42
Expires: Fri, 05 Jul 2024 02:18:24 GMT

GET
H/1.1 200
OK core.js Show response
s1.kwai.net/kos/s101/nlav11187/pixel/core/ 285 KB
76 KB 214ms
213ms Script
application/javascript 43.152.26.104
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=579857628894334997&lib=kwaiq
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/events.js?sdkid=579857628894334997&lib=kwaiq
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 43.152.26.104 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: Lego Server /
Resource Hash: 17a08ca949b6aafa43a8cd1490fd52174a7c697bd5f8d4aa46036f89c36e2a43

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-ks-client-ip: 164.5.255.112
Date: Wed, 05 Jun 2024 02:18:24 GMT
Content-Encoding: gzip
x-oss-request-id: 665FCAF0ADA096373074FD63
X-Cache-Lookup: Cache Hit
Content-MD5: 7P9nfeyJxYxyrA2r6d0ebw==
kwaisign: NULL
Connection: keep-alive
Content-Length: 76866
X-Ks-Request-ID: 5386172763642715934
X-Ks-Cache: Hit from 43.152.26.104
x-oss-object-type: Normal
Last-Modified: Tue, 28 May 2024 09:04:08 GMT
Server: Lego Server
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-ks-request-id,x-ks-client-ip,Content-Length
Cache-Control: no-cache
x-oss-storage-class: Standard
X-NWS-LOG-UUID: 5386172763642715934
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 7425553369367326137
x-oss-server-time: 42
Expires: Fri, 05 Jul 2024 02:18:24 GMT

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 72 B
287 B 546ms
316ms XHR
text/plain 184.86.251.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f6678c28ae0e3515e3728f70446ca4bdbb3026bb1cc9c2f790d279fbf1a74ae8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://dewi368.mstenergy.xyz
date: Fri, 07 Jun 2024 07:58:07 GMT
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 72
content-type: text/plain;charset=UTF-8

GET
H2 200 getPixelConfig Show response
ads.mythad.com/rest/n/adintl/ad/ 853 B
767 B 794ms
293ms XHR
application/json 184.86.251.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=567155347929432085&pageId=pageId-1717747086809-6962542252057
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-197.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 12fd28cfb2bd9e6bd91fe0c4c060cd284df063d1a6fe188423ea63c1bae20b3d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://dewi368.mstenergy.xyz
date: Fri, 07 Jun 2024 07:58:07 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 504
vary: Accept-Encoding
content-type: application/json;charset=UTF-8

GET
H2 200 getPixelConfig Show response
ads.mythad.com/rest/n/adintl/ad/ 1 KB
874 B 1091ms
591ms XHR
application/json 184.86.251.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/rest/n/adintl/ad/getPixelConfig?pixelId=579857628894334997&pageId=pageId-1717747086809-6962542252057
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-197.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 126ad73758e4751decdfd73095a5eeea31e315f22cd98225eae0f726870fc5b7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://dewi368.mstenergy.xyz
date: Fri, 07 Jun 2024 07:58:07 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 612
vary: Accept-Encoding
content-type: application/json;charset=UTF-8

GET
H2 200 css2
fonts.googleapis.com/ 5 KB
720 B 106ms
105ms Stylesheet
text/css 172.217.18.10
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;600&display=swap

Requested by

Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/app-mobile.css?id=d7271366690886d588ae

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.10 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f10.1e100.net

Software

ESF /

Resource Hash

6d5d856ec5c1d566a929bd730f7425c1f67db9bf6cdce2f2108e5e8cab03313a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 07 Jun 2024 07:58:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 07 Jun 2024 07:57:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 Jun 2024 07:58:07 GMT

GET
H3 200 jquery-ui.min.css
cdn.sitestatic.net/assets/jquery/ 31 KB
8 KB 380ms
380ms Stylesheet
text/css 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.sitestatic.net/assets/jquery/jquery-ui.min.css
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:07 GMT
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: N5EF9SY2EKNK59BH
age: 95392
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
x-amz-id-2: a3c8kUZ0wEHU4kOT/f0dk6G2byK0SRaoh1YaHWoO29QNrt/QjhSEdPE0EjmivqrzTtSaTcTQGdc=
last-modified: Sat, 29 Jul 2023 04:41:22 GMT
server: cloudflare
etag: W/"0b5729a931d113be34b6fac13bcf5b29"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 88ff185e98fd3768-HEL
expires: Sat, 07 Jun 2025 07:58:07 GMT

GET
H3 200 Maneki_Neko.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 19 KB
0 0ms
0ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Maneki_Neko.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70780a7c65b77d6d22afe34711fd6571bdaff21596575801b9459f4f2db9855c

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: eZ.TWEy8Ec2ecekPKEkKj_TeO3SBPC1X
cf-cache-status: HIT
x-amz-request-id: G3H9CZ3GVFKNA8E1
age: 6021
cf-polished: origFmt=png, origSize=22441
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Maneki_Neko.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19904
x-amz-id-2: UVrsE7BwTgcY2gZc89iZKSDUi2YS0Gr+FAQmRUlBkztQTvl6ifhsTOhV3F+jjpzGh8KeefQdRDKU4HPKWTuOJw==
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Apr 2024 10:53:08 GMT
server: cloudflare
etag: "650487dbd3efbb6cd1a3da6c1727cee2"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18479c763768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Mahjong_Ways_Two.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 21 KB
0 3ms
3ms Image
image/png 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Mahjong_Ways_Two.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96a5e5a540a4dfbcd282bfbb91f69ddd72f7209719b7c11d0af648a5102d79da

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: x3JiK5B5fnGWCbLzlBqUhHUvBezzEkNG
cf-cache-status: HIT
x-amz-request-id: 84KSYGM2BQE1WJZ0
age: 507
cf-polished: origSize=22530, status=webp_bigger
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 21781
x-amz-id-2: hnCBYdSRPYXX3Rx62w8Si3tSb8WEn9lMR06+n9lrx4W8fBSgqS1T9QxDi+d8WhViXh+g/Lpo6Mc=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:46 GMT
server: cloudflare
etag: "bc01167bfc2cc3da649f2676848db923"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18479c773768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Gates_Of_Olympus.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 20 KB
0 3ms
3ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Gates_Of_Olympus.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c783ae9a7961fcafdda9d2c0ea62c73fadc4811f06a4ffc08f7e654bb83cf472

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: S4GR9uNWr.zKiF_6y5R8PTHxR5Zee5w9
cf-cache-status: HIT
x-amz-request-id: ZHDPJVD6X9KAP2JV
cf-polished: origFmt=png, origSize=21732
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Gates_Of_Olympus.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20610
x-amz-id-2: 9moa9FCNO6dapVZKBQ6jxbF/RCaxf+AZcMOtvQCAq+yxpqvy+tfcy3eicTHh4PNSLZpE09Oo/SM=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:41 GMT
server: cloudflare
etag: "2ca81042859e7e09bec1de01b6f2a352"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff1847cc863768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Starlight_Princess.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 18 KB
0 3ms
3ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Starlight_Princess.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06b3b723285deec88d88deb08bf651d1a66959b60959785fe07d4e2888de9998

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: biiVY1BNQEW0ox8XUT4b3LEGy45XJ370
cf-cache-status: HIT
x-amz-request-id: 0B95HKD44VQWSRM8
age: 511
cf-polished: origFmt=png, origSize=19891
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Starlight_Princess.webp"
alt-svc: h3=":443"; ma=86400
content-length: 18698
x-amz-id-2: BOxpEJoL3XcKE8vakEDaldI79gMdCZsZYaHzpFW0zJKV+l5R5xhKB1Ov8XkBHy3kZ5Vned3fUjE=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:49 GMT
server: cloudflare
etag: "c0ebcad0fb5984762cc644bb6c4d1f07"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483ccb3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Mahjong_Ways.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 19 KB
0 3ms
3ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Mahjong_Ways.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: f73ac99c08fabbedde5cae860087d7d16d9e6ab85863f83b6dd89e2a934012af

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: In6gxRZ8b6PnTDNXDu.JBO90nm15oeCZ
cf-cache-status: HIT
x-amz-request-id: 65CZJT60EDA0Q202
age: 514747
cf-polished: origFmt=png, origSize=20153
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Mahjong_Ways.webp"
alt-svc: h3=":443"; ma=86400
content-length: 19252
x-amz-id-2: AtdecH0YiWO17OCCp6DUaUuC9nvxBk4QrVTR2iSHEVvTRXzwKF4EFaLQCo6lWW9rY2hpCk+Rp9fmEoHFnSGwYA==
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:45 GMT
server: cloudflare
etag: "b971c6792f68d486371df509ad3c0661"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483ccc3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Sweet_Bonanza.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 16 KB
0 4ms
4ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Sweet_Bonanza.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb2b812df04aa12e2f598c4847c516b077a0249ff62e84951c94fd9b22f31b1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: 0YrO38l4D.o9DfeiC.D7BmkxiULY_Aw5
cf-cache-status: HIT
x-amz-request-id: E5DKRBW3G29F8N65
age: 36701
cf-polished: origFmt=png, origSize=17058
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Sweet_Bonanza.webp"
alt-svc: h3=":443"; ma=86400
content-length: 16686
x-amz-id-2: +OwQ9Pk1fu5x3BARxwyCaBIRIY0+z1x5EZ9s2Uisz0P/ejmHf09te6uH9e7niU5nGRveyv+7Kq/nH9EYSzsqvg==
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:52 GMT
server: cloudflare
etag: "6cc91fa9659038c1b7d61d9e8794bb80"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483ccd3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Gates_Of_Olympus_1000.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 59 KB
0 4ms
4ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Gates_Of_Olympus_1000.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 26936934bd1611d66d3c77d318d16af4e067d6b45ed70f9d914c2870949df658

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: rP_jiNr3X7lkNOVoyNTwov0IZw2fozDU
cf-cache-status: HIT
x-amz-request-id: 2T1HFYZ2P7DA2PDP
age: 511
cf-polished: origFmt=png, origSize=74738
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Gates_Of_Olympus_1000.webp"
alt-svc: h3=":443"; ma=86400
content-length: 60708
x-amz-id-2: ginSLZ86tUl4AJyJsKRjM8Des/FnIWhsG78Tgku4uXrECBdsD4d6oWM6MlduverE5oNT2SEgOHPbrwfgH7fp1Q==
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Jan 2024 12:52:59 GMT
server: cloudflare
etag: "62ef81bab5264926d8f2068140cd80e4"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483cce3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Lucky_Neko.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 18 KB
0 5ms
4ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Lucky_Neko.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e458b6398b0f729b96a4c6134d5d11857f65832b5f66acabe27e7a9ff2d5e10

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: pv76Enwz6LhszHxkVHUvGUms0dWzDTms
cf-cache-status: HIT
x-amz-request-id: HA2RG0C60WZ1QTK2
age: 507
cf-polished: origFmt=png, origSize=19347
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Lucky_Neko.webp"
alt-svc: h3=":443"; ma=86400
content-length: 18078
x-amz-id-2: 4gmRkEDmdOXd4dQYh9vXWklSXJbZrfA2P9wx/7EyKYI4I8bgLMM7+48REAXLigBCS83BZFcY5QQ=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:43 GMT
server: cloudflare
etag: "026aede0e800879a5cd791409692b598"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483ccf3768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Neko_Riches.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 17 KB
0 5ms
5ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Neko_Riches.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8a2f63033d659ab070c5fe3391e27c2e59ee90024dd48451f72ff4ff63ecbd9

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: G0.VTw5pykVmnpYd56sVm3_eZFvYRSpx
cf-cache-status: HIT
x-amz-request-id: 1RKE4B5AA7MASZHV
age: 511
cf-polished: origFmt=png, origSize=17957
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Neko_Riches.webp"
alt-svc: h3=":443"; ma=86400
content-length: 17126
x-amz-id-2: Aums64ulj2ywvqPnTeoKj6AhWWoyi9f9UOqmmjFL9lKqV1RlPZ/uX/V3UxE7r6fLas8EEgI4Ek8=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:48 GMT
server: cloudflare
etag: "f764de80b2bfc14a2448a6b132d1ba7d"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483cd03768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Wild_Bandito.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 18 KB
0 4ms
4ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Wild_Bandito.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c58c101cc884efde178a3043489874d9f58bce38e1b6a6795ef8065abbf48f6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: bmBHQZ8z_J8SYtVcGWBxtmi9_xkPg73Q
cf-cache-status: HIT
x-amz-request-id: 2T1GPSEG1TX93WJA
age: 479
cf-polished: origFmt=png, origSize=19636
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Wild_Bandito.webp"
alt-svc: h3=":443"; ma=86400
content-length: 18740
x-amz-id-2: c61o3ff7aVDTc1jNLcyOqnbA26+rJvnqNRHYs6ysUrsJjat5B1LtJ7vUpiM/wkjNeTdwTgNhcc6cx6/8BN9lcA==
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:57 GMT
server: cloudflare
etag: "911838672d75d53326341e56fb1ad30d"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483cd13768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 Starlight_Princess_1000.png
files.sitestatic.net/assets/imgs/giga_gaming/hot_games/ 20 KB
0 4ms
4ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/giga_gaming/hot_games/Starlight_Princess_1000.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 51ecb52b412444d5649e7cb8e2dbceb134216bae4a3126f90e87e2a39223c48e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:03 GMT
x-amz-version-id: EBH7_w39F0Bzgds7kbimj7W80jT3Swhx
cf-cache-status: HIT
x-amz-request-id: 6BK0BRD1FN5S1PHN
age: 208105
cf-polished: origFmt=png, origSize=21375
x-amz-server-side-encryption: AES256
content-disposition: inline; filename="Starlight_Princess_1000.webp"
alt-svc: h3=":443"; ma=86400
content-length: 20054
x-amz-id-2: gL5g7SgVkV6Bi1fmLoETQ3ThIzDuOT9UB4pWqnqFSFAs8nd4uVeKbG30VmXKa+/i5W0AL/WFCz8=
cf-bgj: imgq:85,h2pri
last-modified: Tue, 07 Nov 2023 13:34:51 GMT
server: cloudflare
etag: "21e420b9e0210a1662aed8aabb769d60"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18483cd23768-HEL
expires: Sat, 07 Jun 2025 07:58:03 GMT

GET
H3 200 theme-title-bg-img-t8.png
files.sitestatic.net/assets/imgs/gigagaming/ 272 KB
273 KB 627ms
626ms Image
image/png 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/gigagaming/theme-title-bg-img-t8.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/custom.css?id=d002093e299d92b41341
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8bb4df4ed3cebbdd1921962669a4db8fac15e82261a858d2a3a7759294950368

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Sat, 07 Jun 2025 07:58:07 GMT
date: Fri, 07 Jun 2024 07:58:07 GMT
x-amz-version-id: x5VDhcnp3nP0s.M0oRztWplpSrXCwPMh
cf-cache-status: MISS
x-amz-request-id: 4GV6HFMMM48R4KN5
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 8bb4df4ed3cebbdd1921962669a4db8fac15e82261a858d2a3a7759294950368
alt-svc: h3=":443"; ma=86400
content-length: 278698
x-amz-id-2: mI+secFAIkk++ccmuCyujNkfM5dftS3AbYB+X1knj+NfWiY0lSTV3p8eeYkNifFDeuMjDLeCS3QFOFEbAYlcHg==
last-modified: Tue, 05 Oct 2021 12:46:16 GMT
server: cloudflare
etag: "67dcb9bf24d0fb2cd64cc5430bc844f8"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff185ec90f3768-HEL
x-amz-meta-s3b-last-modified: 20211005T124514Z

GET
H3 200 title-bg-img.png
files.sitestatic.net/assets/imgs/gigagaming/ 51 KB
51 KB 372ms
372ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/assets/imgs/gigagaming/title-bg-img.png
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/custom.css?id=d002093e299d92b41341
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea5c630a2450f07fc3ec8347b7d48fa5e8022b5fd8a04c2d491ae9390403c2b6

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20210923T100609Z
date: Fri, 07 Jun 2024 07:58:07 GMT
x-amz-version-id: hQvZUrgpQh7YwY.9.NGIS5BTz3wjU90g
cf-cache-status: HIT
x-amz-request-id: 2EJ2QMW7YR1ERCK0
age: 6026
cf-polished: origFmt=png, origSize=92329
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: 217e7ec18e1c0a250d90170d1badf8f15ca1186693a1389cdf8264f6fdf805eb
content-disposition: inline; filename="title-bg-img.webp"
alt-svc: h3=":443"; ma=86400
content-length: 52000
x-amz-id-2: blwcJd4jfCeGH70VFdkhTX1eg4bWhA050P6NgFF7sqenqWRNeDdx9gi5ty94pi4N26Z78sc3uto=
cf-bgj: imgq:85,h2pri
last-modified: Thu, 23 Sep 2021 12:02:30 GMT
server: cloudflare
etag: "51e5cca82f51963c4c848bec65001cdc"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff185ec9103768-HEL
expires: Sat, 07 Jun 2025 07:58:07 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
32 KB 134ms
132ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@200;300;600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://dewi368.mstenergy.xyz
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 01:36:19 GMT
x-content-type-options: nosniff
age: 22908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 Jun 2025 01:36:19 GMT

GET
H2 200 UqyJK8kPP3hjw6ANTdfRk9YSN983TKU.woff2
fonts.gstatic.com/s/rubikmonoone/v18/ 13 KB
13 KB 117ms
117ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rubikmonoone/v18/UqyJK8kPP3hjw6ANTdfRk9YSN983TKU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rubik+Mono+One&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

c1e770d64eb3fdf5bbbb8a366df90607632d68f266edc21af9230fe5181c1813

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://dewi368.mstenergy.xyz
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 04 Jun 2024 14:07:57 GMT
x-content-type-options: nosniff
age: 237010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12844
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:52:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 04 Jun 2025 14:07:57 GMT

GET
H3 200 flags-sm.png
files.sitestatic.net/sprites/ 12 KB
13 KB 71ms
70ms Image
image/webp 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/sprites/flags-sm.png?v=8.1
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/app-mobile.css?id=d7271366690886d588ae
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8fd75df23a36dc508478535ee809456a101fe36802252d6ebfb586dfaaf4c2d1

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-meta-s3b-last-modified: 20230215T020107Z
date: Fri, 07 Jun 2024 07:58:07 GMT
x-amz-version-id: hLUm81uQN3iSTcpk4UFxAE3C0h95JMA8
cf-cache-status: HIT
x-amz-request-id: TBVZWK1MZ3NFGXZ5
age: 92424
cf-polished: origFmt=png, origSize=21986
x-amz-server-side-encryption: AES256
x-amz-meta-sha256: bcad67cbdce6856e5b7d009d7a6d5a29a468fd459661b7cfda87cee20d0de26a
content-disposition: inline; filename="flags-sm.webp"
alt-svc: h3=":443"; ma=86400
content-length: 12586
x-amz-id-2: OOwQ6s/DBy3ZpMt4mC8VNlstdqyr7hdJXXzBz+CJFcAgPVUgAPheVgerfdS9M0LFwwc72xBotbY=
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Feb 2023 02:23:05 GMT
server: cloudflare
etag: "f65867ed882901895a6527c452994998"
vary: Accept
content-type: image/webp
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18611a683768-HEL
expires: Sat, 07 Jun 2025 07:58:07 GMT

POST getPokerJackpotAmt
www.dewi188os.com/ 0
0

GET
H3 200 20240408222923000000d86f259affGGGAAAT__647x1280.jpg
files.sitestatic.net/promotion_banners/ 263 KB
263 KB 584ms
583ms Image
image/jpeg 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://files.sitestatic.net/promotion_banners/20240408222923000000d86f259affGGGAAAT__647x1280.jpg
Requested by: Host: dewi368.mstenergy.xyz
URL: https://dewi368.mstenergy.xyz/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0767c957a94e2cb366b1b32f568ed081335eace692e7007f8c3e42d050e2490e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:08 GMT
x-amz-version-id: SsLAQosIVwPpnCGGtHLI8LIDdy45mUEl
cf-cache-status: MISS
x-amz-request-id: 4GV14EGKTFGQXHSD
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 268811
x-amz-id-2: ONUOcKxV7F/O9PQVAow5ZfLBRt6eRJ6eKsApnSy1BDBMJMP/cRn6f+y4mZxXpyRxdQLtrrMFVxycWmPmh3ziew==
last-modified: Mon, 08 Apr 2024 14:29:24 GMT
server: cloudflare
etag: "1ccde547540f3df0811976ed130cc170"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff18616a7f3768-HEL
expires: Sat, 07 Jun 2025 07:58:08 GMT

POST
H2 200 api Show response
ads.mythad.com/log/common/co/ 2 KB
1 KB 538ms
538ms XHR
application/json 184.86.251.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-197.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 40b9fb5871829d066d480377538d1682d0519c97a0209c324b0f52263f6d7919

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://dewi368.mstenergy.xyz
date: Fri, 07 Jun 2024 07:58:08 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 1014
vary: Accept-Encoding
content-type: application/json;charset=utf-8

OPTIONS
H2 200 api
ads.mythad.com/log/common/co/ 0
0 288ms
287ms Preflight 184.86.251.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-197.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://dewi368.mstenergy.xyz
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://dewi368.mstenergy.xyz
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Fri, 07 Jun 2024 07:58:07 GMT

POST
H2 200 api Show response
ads.mythad.com/log/common/co/ 2 KB
1 KB 533ms
533ms XHR
application/json 184.86.251.197
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.mythad.com/log/common/co/api
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.197 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-197.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eacc529cb68126a13a8fcbf8caa34937a037b82856eca854f6d2495beb449fad

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://dewi368.mstenergy.xyz
date: Fri, 07 Jun 2024 07:58:08 GMT
content-encoding: gzip
access-control-allow-credentials: true
content-length: 1012
vary: Accept-Encoding
content-type: application/json;charset=utf-8

POST
H2 200 radar Show response
logsdk.kwai-pro.com/rest/wd/common/log/collect/ 71 B
197 B 336ms
333ms XHR
text/plain 184.86.251.205
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://logsdk.kwai-pro.com/rest/wd/common/log/collect/radar?v=3.10.28&kpn=ksib.fe.pixel
Requested by: Host: s1.kwai.net
URL: https://s1.kwai.net/kos/s101/nlav11187/pixel/core/core.js?sdkid=567155347929432085&lib=kwaiq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.86.251.205 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-86-251-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 46852853ed316bfce76e98db9c85198f758c9adaafaea36d1959deb1ad3c117b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://dewi368.mstenergy.xyz
date: Fri, 07 Jun 2024 07:58:08 GMT
access-control-allow-credentials: true
content-length: 71
content-type: text/plain;charset=UTF-8

GET
H3 200 62b678fe711a9_imgpsh_fullsize_anim%20(2).png
files.sitestatic.net/ImageFile/ 90 KB
90 KB 499ms
499ms Other
image/png 154.83.2.16
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://files.sitestatic.net/ImageFile/62b678fe711a9_imgpsh_fullsize_anim%20(2).png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 154.83.2.16 , Seychelles, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 217cd321d853553f2f72108dccb184d85dcf4816f79e4a203141574a0af9ac3a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://dewi368.mstenergy.xyz/
Accept-Language: fi-FI,fi;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 07 Jun 2024 07:58:08 GMT
x-amz-version-id: RYmX9QGpGBbcMMl5EEqN_ALZtCak_hl.
cf-cache-status: MISS
x-amz-request-id: Q7MEBEERDPZ21P8E
x-amz-server-side-encryption: AES256
alt-svc: h3=":443"; ma=86400
content-length: 92119
x-amz-id-2: HtNyGFI/DVkqch0Clj4gR7p6fXXo12BbVt8TgEWe2D9oOOyZpwwZvPYicbFjLvEEZ2thXin7ghjioXQdxY80SA==
last-modified: Sat, 25 Jun 2022 02:54:55 GMT
server: cloudflare
etag: "0b5e3632e59bde67cc678dbd86180678"
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 88ff1865dd4b3768-HEL
expires: Sat, 07 Jun 2025 07:58:08 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.dewi188os.com
URL: https://www.dewi188os.com/css/ugsports/swiper.css

Domain: www.dewi188os.com
URL: https://www.dewi188os.com/fonts/ugsubskin/icomoon/style.min.css?v=1.3

Domain: www.dewi188os.com
URL: https://www.dewi188os.com/assets/images/log_html5.png

Domain: www.dewi188os.com
URL: https://www.dewi188os.com/assets/images/btn_playnow.png

Domain: www.dewi188os.com
URL: https://www.dewi188os.com/js/ugsports/app-mobile.js?id=5e41997091caa380a2c9

Domain: www.dewi188os.com
URL: https://www.dewi188os.com/getPokerJackpotAmt

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
bumatek.boun.edu.tr/	1970-01-21 05:54:43	Name: cookiesession1 Value: 678A3E55C17E4E8358D36E0460640AA0
.dewi188os.com/	1970-01-20 21:09:08	Name: __cf_bm Value: wRSS05VKwLC_4dVYww_Fhnl4Yd7iyzA28HSEDDBPLhQ-1717747083-1.0.1.1-62.pFCmIsGjrUqk86Atyk7ZXZdHilgdG3osB4FsgrTg8MF9SE3oid66SX6FrUSvsPBztu6543D3R_uDAkiSZxg
.sitestatic.net/	1970-01-20 21:09:08	Name: __cf_bm Value: NDjJ1cRl2yIEN8gfXAvPlucO29O3TmTBWhDGOmkwLN0-1717747083-1.0.1.1-Y6JNRRn6TXCppOj8v79Efrkslijen4cVEUvNsO7m98E6vmhT.cPVfWI0YOzI3e4DuYOzzFwD9g6Co9sMTjXLLw
.mstenergy.xyz/	1970-01-20 23:18:43	Name: _fbp Value: fb.1.1717747085929.181725812777769271
.mstenergy.xyz/	1970-01-21 05:54:43	Name: _did Value: web_187600719413BDCD
.mstenergy.xyz/	1970-01-21 05:54:43	Name: kwai_uuid Value: c451c7af878acb2e181d4493175656ca
.mythad.com/	1970-01-21 06:45:07	Name: kwai_ckid Value: 1717747087728_5399592157839889

60 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.dewi188os.com/css/ugsports/swiper.css Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://dewi368.mstenergy.xyz/icomoon.woff2?h141kb Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.dewi188os.com/assets/images/log_html5.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other	warning	URL: https://dewi368.mstenergy.xyz/(Line 199) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.dewi188os.com/js/ugsports/app-mobile.js?id=5e41997091caa380a2c9 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other	warning	URL: https://dewi368.mstenergy.xyz/(Line 199) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.dewi188os.com/fonts/ugsubskin/icomoon/style.min.css?v=1.3 Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other	warning	URL: https://dewi368.mstenergy.xyz/(Line 199) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://www.dewi188os.com/assets/images/btn_playnow.png Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other	warning	URL: https://dewi368.mstenergy.xyz/(Line 199) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/(Line 199) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
recommendation	verbose	URL: https://dewi368.mstenergy.xyz/ Message: [DOM] Multiple forms should be contained in their own form elements; break up complex forms into ones that represent a single action: (More info: https://goo.gl/9p2vKq) %o
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	error	URL: https://dewi368.mstenergy.xyz/ Message: Access to XMLHttpRequest at 'https://www.dewi188os.com/getPokerJackpotAmt' from origin 'https://dewi368.mstenergy.xyz' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.dewi188os.com/getPokerJackpotAmt Message: Failed to load resource: net::ERR_FAILED
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://dewi368.mstenergy.xyz/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://dewi368.mstenergy.xyz/ Message: The resource https://dewi368.mstenergy.xyz/icomoon.woff2?h141kb was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pokebob.online
ads.mythad.com
bumatek.boun.edu.tr
cdn.sitestatic.net
connect.facebook.net
dewi368.mstenergy.xyz
direct.clothesfashion.online
files.sitestatic.net
fonts.googleapis.com
fonts.gstatic.com
i.imgur.com
iili.io
logsdk.kwai-pro.com
qris.otomatis.vip
s1.kwai.net
www.dewi188os.com
www.facebook.com
www.dewi188os.com
104.21.235.69
142.250.184.195
154.83.2.16
157.240.247.35
157.240.247.8
161.9.151.82
172.217.18.10
172.67.172.48
172.67.69.226
184.86.251.197
184.86.251.205
188.114.96.3
199.232.196.193
43.152.26.104
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
06b3b723285deec88d88deb08bf651d1a66959b60959785fe07d4e2888de9998
0767c957a94e2cb366b1b32f568ed081335eace692e7007f8c3e42d050e2490e
126ad73758e4751decdfd73095a5eeea31e315f22cd98225eae0f726870fc5b7
12fd28cfb2bd9e6bd91fe0c4c060cd284df063d1a6fe188423ea63c1bae20b3d
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16c6e52bde4cc463f31ed65f80f376b8c58a223f75b4bc3338d9d3b54d3431a4
16f5b6b3f05832ec5c501b053858f0c44db2175e8af1b55d51d39d3df5752f4a
17a08ca949b6aafa43a8cd1490fd52174a7c697bd5f8d4aa46036f89c36e2a43
1cea8f5e200fcfc0e1d1b0797151f138faa548d850f9dde66a43424eb93f9450
1ed30c846d58a68884e549ea69a8826034ab1d034874f4211454b9e34fed6ef7
1f80cdbf4cc504bcc47aa3fa33c4729dbe72e4df21e5610e4b3a15cfdb19d988
217cd321d853553f2f72108dccb184d85dcf4816f79e4a203141574a0af9ac3a
230d6bc167e2bd82773b97c8a50ff08481d6006f1c4ecc547403cd5ae2e9b969
26936934bd1611d66d3c77d318d16af4e067d6b45ed70f9d914c2870949df658
270524b0d27afd1d3b6622d1a176c678daed94564c143297e217a63e21ce9820
273c6714084d89afda9c7037f9cd63eab225edd527f2368fe86d9fb25c27a2e3
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
2e9ef055ccdb65c84c4014ae2deb521864abbab31d366288d4c3f2161b188b5a
3689e0482573b519c0e70686b17303b5439d7f931ef6b226f799f075aab39e00
3936eeba9a43265b4a8231e235e20ccf1462bd79e86b918b9da41c9fac30cdaf
3eb2b812df04aa12e2f598c4847c516b077a0249ff62e84951c94fd9b22f31b1
4033ddb5c07522e6dec870574082458dabd076c334a5b1446d54e2da542e45dd
40b9fb5871829d066d480377538d1682d0519c97a0209c324b0f52263f6d7919
4258325d0e652bee5432a0d18b3b1d596659b03f5a86f0636565e78ad16f0a3f
46852853ed316bfce76e98db9c85198f758c9adaafaea36d1959deb1ad3c117b
4fbf85a9cb3dd8d9b9cee3a1014e3caf54e5c48db130732840ba7733af1a01ec
51ecb52b412444d5649e7cb8e2dbceb134216bae4a3126f90e87e2a39223c48e
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
5c58c101cc884efde178a3043489874d9f58bce38e1b6a6795ef8065abbf48f6
5eb4f365392046cd80159aa9f9e990af7c371b6be42dcac35f7ae5202ec63745
62ec963ec2ddda256157253e8ef9a8355423cfd49733c6a0192796c6d341e828
6d5d856ec5c1d566a929bd730f7425c1f67db9bf6cdce2f2108e5e8cab03313a
70780a7c65b77d6d22afe34711fd6571bdaff21596575801b9459f4f2db9855c
74245c6e47902cbf49e7f703dfac18571e957f638ecd8c07b15c1a7bc6b484f9
7b1bc6ddf81b9212855c94157645c93be27c8380737f4ee22502220e2f57822d
83ebe8170b3b5dda2d20a80fe205ec14e1f8cb19ed40cfe73d480087b588e56c
891b06c855b5a66c0fcb5007d609e4c3a81f0cee98ffad8835ab8e98521b95c5
8bb4df4ed3cebbdd1921962669a4db8fac15e82261a858d2a3a7759294950368
8e458b6398b0f729b96a4c6134d5d11857f65832b5f66acabe27e7a9ff2d5e10
8fd75df23a36dc508478535ee809456a101fe36802252d6ebfb586dfaaf4c2d1
96a5e5a540a4dfbcd282bfbb91f69ddd72f7209719b7c11d0af648a5102d79da
9ad37d3fd1d807f2331b403b546b48bd7ddde2bcddd01711d7f163d1c43bcebf
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9
9ee2fcff6709e4d0d24b09ca0fc56aade12b4961ed9c43fd13b03248bfb57afe
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
af9a42baeabb75eb4eeb81d111196c4d5b129288f195c9ea8ab17b7344a29152
b2538d3b57022bc05f3800160ff645dabe6819fb899ac94603a7214fee5fa6b5
b9f3c72c2b1ac604278d76d9d0a6069817842fccf2c84b4988c209bb7f6900dc
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bd16aaf65d7bddfcf11f1834de29f3c40229eb31fe650a4101be6d30a07c5126
c1e770d64eb3fdf5bbbb8a366df90607632d68f266edc21af9230fe5181c1813
c754bb76abe4e581edaf719bc873d364e4e6031644fda40ad605eb3da37e7328
c783ae9a7961fcafdda9d2c0ea62c73fadc4811f06a4ffc08f7e654bb83cf472
c8a2f63033d659ab070c5fe3391e27c2e59ee90024dd48451f72ff4ff63ecbd9
cadda460ccb4c3c01bb45f3d5976f63f5adf8dc3ff1d31cb4fbd3ded4f18e5bf
cdc9c3093d1d005ecb2f9bb322d8defba8bec58f505708e4d508335fa1fd87ef
cfc71a003148530cab6faceebfeeff722dd0c8805476b44a71eb74004a811bd1
d05e0345406f2d676efda2063643450279a9898463f1be66050ac9ea3786cd03
d0e10c58f30442fe280c8d102bfe08883fdcc2c4008a0032e68d2165816075cc
e3043faabfc9ef8064fceef7f739ce3346b98579cabcf518a9197f7d124292fc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ddb9b51c5a2d9a773bdf1f50364aa809b41a3d0fa947fc485e2480647ad59c
ea5c630a2450f07fc3ec8347b7d48fa5e8022b5fd8a04c2d491ae9390403c2b6
eacc529cb68126a13a8fcbf8caa34937a037b82856eca854f6d2495beb449fad
f018b8a0bda4f9ecf744ff4816799ca811d7fb0bb4e391f16612b6ad641c4d5f
f6678c28ae0e3515e3728f70446ca4bdbb3026bb1cc9c2f790d279fbf1a74ae8
f73ac99c08fabbedde5cae860087d7d16d9e6ab85863f83b6dd89e2a934012af
f74465ceecfca4864ae20f68d88ee718afbd9f9714f516ddb781adc513b96ab0

dewi368.mstenergy.xyz Open in urlscan Pro 172.67.172.48 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

102 Requests

88 %HTTPS

0 %IPv6

16 Domains

17 Subdomains

15 IPs

6 Countries

4680 kBTransfer

6499 kBSize

7 Cookies

3 Outgoing links

Page URL History

Redirected requests

102 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

dewi368.mstenergy.xyz Open in urlscan Pro
172.67.172.48 Public Scan

Screenshot
Live screenshot

Full Image

102
Requests

88 %
HTTPS

0 %
IPv6

16
Domains

17
Subdomains

15
IPs

6
Countries

4680 kB
Transfer

6499 kB
Size

7
Cookies

102 HTTP transactions
0 data transactions