Submitted URL: https://45781.pm/
Effective URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Submission: On July 01 via api from US — Scanned from DE

Summary

This website contacted 16 IPs in 5 countries across 12 domains to perform 160 HTTP transactions. The main IP is 172.65.194.65, located in United States and belongs to CLOUDFLARENET, US. The main domain is evamrx.r09uwjowqgvf.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 1st 2024. Valid for: a year.
This is the only time evamrx.r09uwjowqgvf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 (1 redirect) | 43.251.57.237 | 7483 (SKYCLOUD-...)
16 | 172.65.194.65 | 13335 (CLOUDFLAR...)
4 | 2600:9000:275... | 16509 (AMAZON-02)
2 | 2600:9000:20e... | 16509 (AMAZON-02)
16 | 18.239.83.120 | 16509 (AMAZON-02)
63 | 3.160.150.113 | 16509 (AMAZON-02)
2 | 154.203.26.91 | 35916 (MULTA-ASN1)
2 | 2600:9000:224... | 16509 (AMAZON-02)
2 | 154.203.26.93 | 146993 (DBL-AS-AP...)
1 | 114.119.189.26 | 136907 (HWCLOUDS-...)
1 | 18.245.31.43 | 16509 (AMAZON-02)
1 | 47.254.187.154 | 45102 (ALIBABA-C...)
1 | 2a03:2880:f08... | 32934 (FACEBOOK)
1 | 157.240.0.6 | 32934 (FACEBOOK)
3 | 43.152.44.80 | ()
1 | 2606:4700::68... | ()
Total: 160 requests, 16 IPs

Requests | Domain | Requested by
67 | cdntoos.bprlk.com | evamrx.r09uwjowqgvf.com
18 | evamrx.cbtwen.com | evamrx.r09uwjowqgvf.com
16 | evamrx.r09uwjowqgvf.com | evamrx.r09uwjowqgvf.com
3 | riskct.geetest.com | evamrx.r09uwjowqgvf.com, static.geetest.com
2 | connect.facebook.net | evamrx.r09uwjowqgvf.com, connect.facebook.net
2 | www.yongli-oss.com | evamrx.r09uwjowqgvf.com
2 | cdnapiif.conbnw.com | evamrx.r09uwjowqgvf.com
2 | js.d15ucryyr.com | evamrx.r09uwjowqgvf.com
1 | static.geetest.com | evamrx.r09uwjowqgvf.com
1 | tifjqr-1000-ppp.oss-accelerate.aliyuncs.com | evamrx.r09uwjowqgvf.com
1 | fpnpmcdn.net | evamrx.r09uwjowqgvf.com
1 | conn.webpush.theengagelab.com | evamrx.r09uwjowqgvf.com
1 | 45781.pm | 1 redirects
Total: 160 requests, 13 subdomains

This site contains no links.

Subject | Issuer | Validity | Valid
evamrx.r09uwjowqgvf.com | Sectigo RSA Domain Validation Secure Server CA | 2024-07-01 - 2025-07-01 | a year
cdntoos.bprlk.com | Amazon RSA 2048 M03 | 2024-05-05 - 2025-06-04 | a year
evamrx.cbtwen.com | Amazon RSA 2048 M03 | 2024-05-13 - 2025-06-12 | a year
js.d15ucryyr.com | Sectigo RSA Domain Validation Secure Server CA | 2024-05-07 - 2025-05-07 | a year
cdnapiif.conbnw.com | Amazon RSA 2048 M03 | 2024-05-12 - 2025-06-11 | a year
www.yongli-oss.com | Sectigo RSA Domain Validation Secure Server CA | 2024-02-13 - 2025-02-12 | a year
conn.webpush.theengagelab.com | Encryption Everywhere DV TLS CA - G2 | 2023-10-09 - 2024-10-08 | a year
fpcdn.io | Amazon RSA 2048 M03 | 2023-10-10 - 2024-11-08 | a year
*.oss-eu-central-1.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G3 | 2024-01-26 - 2025-02-26 | a year
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-04-10 - 2024-07-09 | 3 months
*.geetest.com | GeoTrust TLS RSA CA G1 | 2024-03-12 - 2025-03-11 | a year

This page contains 1 frames:

Primary Page: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Frame ID: 4CFFA03D8E776C603DDFEAA99B612365
Requests: 156 HTTP requests in this frame

Page Title

永利国际·YL91.COM

Page URL History

  1. https://45781.pm/ HTTP 302
    https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 160
HTTPS: 73 %
IPv6: 31 %
Domains: 12
Subdomains: 13
IPs: 16
Countries: 5
Transfer: 3394 kB
Size: 9280 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://45781.pm/ HTTP 302
    https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

160 HTTP transactions

Resource / Path | Size | x-fer | Type / MIME-Type
Primary Request /
evamrx.r09uwjowqgvf.com/
Redirect Chain
  • https://45781.pm/
  • https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
40 KB
11 KB
Document
General
Full URL
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
b887d12b494798a273bb0d3d00aff208512ba580336a2d01f75d32f12f78fe6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

c-type
pf
cache-control
s-maxage=600,public,max-age=0
content-encoding
gzip
content-md5
NVl7gXQaAptZjhkvPY14Qw==
content-type
text/html
date
Mon, 01 Jul 2024 17:57:26 GMT
last-modified
Mon, 01 Jul 2024 16:44:25 GMT
rid
e6bcbb6a8e273f063e454e489e706d88
server
gocache
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
x-cache-status
MISS
x-oss-hash-crc64ecma
499153714119776313
x-oss-object-type
Normal
x-oss-request-id
6682EE061F85633333B2F07A
x-oss-server-time
1
x-oss-storage-class
Standard

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 01 Jul 2024 17:57:24 GMT
location
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
server
CDNRAY
runtime.b34cca315b755b50d3db.js
evamrx.r09uwjowqgvf.com/assets/
43 KB
17 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
5688af82092a78b1d15acd409eebfb73da9ec9305e3d737773faf42d0cd6d958
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682EE07F27FBE30389FB8FA
content-md5
xsb1KS9jHwXShNoinKA2nA==
x-cache-status
MISS
rid
9d8f55fe449586f6b8335cb080958a23
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:47 GMT
server
gocache
etag
W/"C6C6F5292F631F05D284DA229CA0369C"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
3178690818078462152
x-oss-server-time
1
vendor~cdd60c62.3c60f82eaf6179feae0f.js
evamrx.r09uwjowqgvf.com/assets/
160 KB
49 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/vendor~cdd60c62.3c60f82eaf6179feae0f.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
7d42d09e46c7a3c5b5919b101acb62b712183e13011850c247194016497b5e84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682EE07DA8A793135CF6C3D
content-md5
WOF+NjF4UdzURNl4rnuMvg==
x-cache-status
MISS
rid
7e19ac257e18744d0a6c65471f245a42
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:40 GMT
server
gocache
etag
W/"58E17E36317851DCD444D978AE7B8CBE"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10097544485804355755
x-oss-server-time
7
vendor~d2eb5610.aa2833113402db7e9461.js
evamrx.r09uwjowqgvf.com/assets/
178 KB
51 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/vendor~d2eb5610.aa2833113402db7e9461.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
9c8f3a924c8e0131a2fd7c9171117bccc975c50130091855a01c914042a4c8e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682ECD91F8563343435AB73
content-md5
RN5vGTtf/OY7P6D2wylVWA==
x-cache-status
HIT
rid
53411a38b09bff4d8ab7dc853b13ffde
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:16 GMT
server
gocache
etag
W/"44DE6F193B5FFCE63B3FA0F6C3295558"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
8914712505974508887
x-oss-server-time
1
vendor~5a94f17d.c3a540284023f4f11abe.js
evamrx.r09uwjowqgvf.com/assets/
190 KB
58 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/vendor~5a94f17d.c3a540284023f4f11abe.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
ae8172ccd0aaece6796c8e2d2a8e8c2cb9a2e2fffb4fa5d4dc1620da219f281e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682ECD923C0543234C8EEEF
content-md5
DD7NYeP9bL4l5qD1imzufg==
x-cache-status
HIT
rid
3e61da92abcf0aebbe637adac2f0939f
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:12 GMT
server
gocache
etag
W/"0C3ECD61E3FD6CBE25E6A0F58A6CEE7E"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
6622289555149951448
x-oss-server-time
2
vendor.ant-design-vue~c5d15932.30ae5ff07734e9ca2982.js
evamrx.r09uwjowqgvf.com/assets/
237 KB
65 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/vendor.ant-design-vue~c5d15932.30ae5ff07734e9ca2982.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
35181631d07a7ebaa0a810d9a2c813d7803baffcd0e6660f6417fe88c478ecb1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682ECD9F96C043436F85C62
content-md5
Cz5XnFB3w1Hks70/xfj49g==
x-cache-status
HIT
rid
cb39790f7173bec37da9a41d626b2dc2
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:18 GMT
server
gocache
etag
W/"0B3E579C5077C351E4B3BD3FC5F8F8F6"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2903818846066539284
x-oss-server-time
2
vendor.ant-design-vue~858e9c75.d52bc62dfccd360b218d.js
evamrx.r09uwjowqgvf.com/assets/
326 KB
85 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/vendor.ant-design-vue~858e9c75.d52bc62dfccd360b218d.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
c8f1e2875f04cc67a72b87fd50a65dd3e30755a0bb38c0e2dd00ccee193f4b18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682ECD9D14BBC34370A169C
content-md5
5BeV//Bk0XVYCp06t3polg==
x-cache-status
HIT
rid
783356ce9df6968f533e821bd463f1f2
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:28 GMT
server
gocache
etag
W/"E41795FFF064D175580A9D3AB77A6896"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
737059335683464012
x-oss-server-time
3
2690.d5bd57ae6dd3ba4ad1ce.js
evamrx.r09uwjowqgvf.com/assets/
263 KB
75 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
d590a067a5e53f9fd175c2208c8868cb1ffa41196c89c7cea571d816fe8c5d2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682ECD9FC567C33371C591D
content-md5
Ht4LLRBie1nBVPT9eW01YQ==
x-cache-status
HIT
rid
65453d8c16300a5521f132cad501974b
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:21 GMT
server
gocache
etag
W/"1EDE0B2D10627B59C154F4FD796D3561"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
6383032219633855322
x-oss-server-time
2
4363.88106fa16a42024abd83.js
evamrx.r09uwjowqgvf.com/assets/
194 KB
59 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/4363.88106fa16a42024abd83.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
b096bcf08c082ecf71a653d6f56e7c93c41b19d70d59b0eb8be3303f2e556889
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682ECD99DB57831342655ED
content-md5
ga7hHxuRVdQfkExYdKbU7Q==
x-cache-status
HIT
rid
e61bb661d540ac1ca6c5ca22a2c86639
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:47 GMT
server
gocache
etag
W/"81AEE11F1B9155D41F904C5874A6D4ED"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
15359885072182347238
x-oss-server-time
14
main~43dd7041.1b580644cc81216b33f5.js
evamrx.r09uwjowqgvf.com/assets/
241 KB
58 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/main~43dd7041.1b580644cc81216b33f5.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
00b2c27d4d877c62e6631df5fe1c77b8503dc826152d0dd9e3a5771463de28ac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682ECD9FC567C36371F591D
content-md5
5r/IOfyQwNm0Ta64A0zHVQ==
x-cache-status
HIT
rid
8ea659b26c8f6cf94d142a92e1b539a6
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:58 GMT
server
gocache
etag
W/"E6BFC839FC90C0D9B44DAEB8034CC755"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
15497410968064214930
x-oss-server-time
4
main~52f0199e.cc5892b4abc0701af59b.js
evamrx.r09uwjowqgvf.com/assets/
223 KB
58 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/main~52f0199e.cc5892b4abc0701af59b.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
cbd83592410ced621539b5ae0cc9bec9f478d9d9587913f6d0a8dce4e53e8adf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682ECD9F96C043135FE5C62
content-md5
GscTwH2itp0vgiZNbQQxPw==
x-cache-status
HIT
rid
cc58b8a134ce56cb5948b331a644f370
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:48 GMT
server
gocache
etag
W/"1AC713C07DA2B69D2F82264D6D04313F"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2872970468459335342
x-oss-server-time
2
main~9bf88260.f5778992b1cb09cf8fa3.js
evamrx.r09uwjowqgvf.com/assets/
261 KB
78 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/main~9bf88260.f5778992b1cb09cf8fa3.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
e7d8c5fed5451c69a270b738aa3fd411619cbd0dfb8f30e8051865915f04ad96
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682ECDBF96C043135076562
content-md5
Nq2n8daWjCIKWQi+IMfF/w==
x-cache-status
HIT
rid
829b1701451a383fc519ff4804619967
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:25 GMT
server
gocache
etag
W/"36ADA7F1D6968C220A5908BE20C7C5FF"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
12850115280886945727
x-oss-server-time
20
main~ff90cf7f.b2d96ab641ade4a295b2.js
evamrx.r09uwjowqgvf.com/assets/
366 KB
132 KB
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/main~ff90cf7f.b2d96ab641ade4a295b2.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
aa47288276ad38538f1f06f43ed332a883c5f9b297f19ca36a18eff5220efe3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
6682ECDBF96C043135836762
content-md5
WGlIDFI004+sXPWL+G+mag==
x-cache-status
HIT
rid
fae13167119fe187395c8db0af0a28df
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:29 GMT
server
gocache
etag
W/"5869480C5234D38FAC5CF58BF86FA66A"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
954191491726340348
x-oss-server-time
2
vendor~aac516cf.eaf6d923a04cc5b5259f.css
evamrx.r09uwjowqgvf.com/assets/
501 KB
85 KB
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/vendor~aac516cf.eaf6d923a04cc5b5259f.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
dc01cd1b3a4eb90a50385a17aba907950d6480aa55f5d386571555ec96054b7c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
content-encoding
gzip
x-oss-request-id
6682EE071F85633333E2F67A
content-md5
opNhpWgJxMx12DxuOpJ34A==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
rid
57bd17ad24e3fa8e592b541047227900
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:40 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
9209763108867474020
x-oss-server-time
2
start.f1072fe4da222738a134.css
evamrx.r09uwjowqgvf.com/assets/
56 KB
5 KB
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/start.f1072fe4da222738a134.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
8906b671ded0a40107745aff2a664bb74a87bfa6e2327db2d1a96d3ec4e9bd35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
content-encoding
gzip
x-oss-request-id
6682EE07D0409B3536798921
content-md5
TnVWR53ZiCVup4x5Szbzlg==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
rid
cbc2feccb7b3140c975ee6d0731350bb
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:01 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10606315619644222728
x-oss-server-time
3
main~31743c5a.bd2230d6b8039ce39545.css
evamrx.r09uwjowqgvf.com/assets/
303 KB
46 KB
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/main~31743c5a.bd2230d6b8039ce39545.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
a84fdefbaf490c69e01612bd16f60e4754b5b367e7c33642dc5d5411d93631b3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:27 GMT
content-encoding
gzip
x-oss-request-id
6682EE074C8B37303717D27C
content-md5
mjpHssw4rJlwXKPq/Z/fFQ==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
rid
612f3bd5084941420e45a53d47ddfa60
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:48 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
5446807253372087573
x-oss-server-time
19
h5icon.ico
cdntoos.bprlk.com/cocos/lg/
4 KB
5 KB
Other
General
Full URL
https://cdntoos.bprlk.com/cocos/lg/h5icon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3a00:c:5d83:e700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c4f80fc2a6c8fb3797742654f08e005af78e7d305601ff0a7576d8d7f8ba1440

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:15:24 GMT
via
1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
x-oss-request-id
668176523B2202A74E9C3D40
content-md5
R5CWw10aqefbZ999TKvS/w==
x-amz-cf-pop
FRA60-P7
age
9725
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
4286
x-oss-object-type
Normal
last-modified
Tue, 13 Feb 2024 11:44:52 GMT
server
AliyunOSS
etag
"479096C35D1AA9E7DB67DF7D4CABD2FF"
vary
Accept-Encoding
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
16427774967656340305
x-amz-cf-id
QNr1obR9BKijXQD-TA0V1bzckTbLRI264EVOT7GpFdUs88YFitKTew==
x-oss-server-time
1
linksetting
evamrx.cbtwen.com/hall/promote/
0
0
Preflight
General
Full URL
https://evamrx.cbtwen.com/hall/promote/linksetting
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2800:11:6b95:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
appversion,auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method
POST
Origin
https://evamrx.r09uwjowqgvf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
appversion,auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
application/octet-stream
date
Mon, 01 Jul 2024 17:57:29 GMT
server
nginx
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-amz-cf-id
hgIn_EGlqc3fx7PnudoYhyBO9-r2cDQTy5bo5l1jMpRlyNu9ZMP7dg==
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
linksetting
evamrx.cbtwen.com/hall/promote/
71 B
553 B
XHR
General
Full URL
https://evamrx.cbtwen.com/hall/promote/linksetting
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:2800:11:6b95:abc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e992f88e9b1af4f5bf92b211c4c4956b03f441230c16aa69f1cdcc3f18cfe9a6

Request headers

devicetype
3
x-version
4.0.419
appVersion
v4.0.419
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
nonce
6ff470dd-a20e-4f2e-a524-184c8b5e4166
isWgPackage
false
language
en
accept-language
en
browserfingerid
isSpeedPackae
false
device
8f6afd4d-dd54-4199-8b60-b20c2cc8f541
x-request-id
6ff470dd-a20e-4f2e-a524-184c8b5e4166
sign
VRnN5jX8kCyb0SBmheAPxkIF83QSocgb+2jFXAdnXK4CksTky0YvZD150j9DN1iq
sec-ch-ua-platform
"Win32"
isVest
false
currency
CNY
platformType
5
domain
evamrx.r09uwjowqgvf.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id
{"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1719856649096,"version":1719802300000}}
auth
undefined
x-custom-referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept
application/json, text/plain, */*
timestamp
1719856649
Referer
https://evamrx.r09uwjowqgvf.com/
siteCode
1000
newJwt
token
b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone
UTC+2
deviceModel
Chrome126.0.0.0

Response headers

date
Mon, 01 Jul 2024 17:57:30 GMT
via
1.1 e86025dac63232624d2273c5fd256ce4.cloudfront.net (CloudFront)
x-env-go-biz-gateway
0
api-cache
false
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
x-env-go-biz-agent-server
0
alt-svc
h3=":443"; ma=86400
content-length
71
x-trace-id
65ec356cf3822de3
server
nginx
access-control-max-age
3600
access-control-allow-methods
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-server-version
4.0.0
x-amz-cf-id
fZgrUfcDW69VnUHkQU3NDe6DC171vy32mT2-abObsTJNHQeudyxlFQ==
reportview
evamrx.cbtwen.com/hall/promote/binding/
79 B
446 B
XHR
General
Full URL
https://evamrx.cbtwen.com/hall/promote/binding/reportview
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
d69b4e6b44a588651f7841e66462b78fc48e172895fb7b1980441b788703bba8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-version
4.0.419
nonce
297f9402-12d5-4a3a-9aca-26a7857e9668
isWgPackage
false
language
zh
accept-language
zh
isSpeedPackae
false
sec-ch-ua-platform
"Win32"
isVest
false
currency
CNY
platformType
5
Content-Type
application/json
x-custom-referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept
application/json, text/plain, */*
Referer
https://evamrx.r09uwjowqgvf.com/
siteCode
1000
newJwt
token
b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone
UTC+2
devicetype
3
appVersion
v4.0.419
browserfingerid
device
8f6afd4d-dd54-4199-8b60-b20c2cc8f541
x-request-id
297f9402-12d5-4a3a-9aca-26a7857e9668
sign
92iqXXl5LixMkQKrEbXSftZLsyTT5fHWAya/wuOHKq3SCXwGqd4ZWO69FTrX9wIL
domain
evamrx.r09uwjowqgvf.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id
{"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1719856649096,"version":1719802300000}}
auth
undefined
timestamp
1719856650
deviceModel
Chrome126.0.0.0

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-env-go-biz-gateway
0
api-cache
false
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
x-env-go-biz-agent-server
0
alt-svc
h3=":443"; ma=86400
content-length
79
x-trace-id
200c0bf2e283d23d
server
nginx
access-control-max-age
3600
access-control-allow-methods
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-server-version
4.0.0
x-amz-cf-id
KzZ426AT9O3OAr7ZuIxPbBM8D742wzKR8jR9gtj7tGPW33xhjUJpFg==
7175.b5a5cf5284424d8d83fd.js
evamrx.r09uwjowqgvf.com/assets/
217 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/7175.b5a5cf5284424d8d83fd.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
ce6a34b090426d01efd86aac5732c297df9046457b1e2e1e7938cc830a243745
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0ADA8A793135B7813D
content-md5
5b6ltf0akQP5lRv1hTaQ5g==
x-cache-status
MISS
rid
8e72faa5da4db21389b41d8a5827ca82
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:55 GMT
server
gocache
etag
W/"E5BEA5B5FD1A9103F9951BF5853690E6"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
14081889562409025528
x-oss-server-time
5
home@theme=1.e9e427df09857367705d.css
evamrx.r09uwjowqgvf.com/assets/
313 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/home@theme=1.e9e427df09857367705d.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
1e28132635bdc25476917373d01aabed2de52a25e9d71797877560c7c3002817
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0AF27FBE303874CDFA
content-md5
y2YHPiezIa6sidrNaTtX9A==
x-cache-status
MISS
rid
40d15db583d9cf206101fd6b539ad504
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:56 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
3835251399857227469
x-oss-server-time
7
home@theme=1.0ab482d692186e8d8a05.js
evamrx.r09uwjowqgvf.com/assets/
149 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/home@theme=1.0ab482d692186e8d8a05.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
81ee66f3294c484326e205161a1552068229b619bb19954aa8d85ac09e2ae05e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0A4C8B373037FFE77C
content-md5
lPeNFrdmti09EHY5EE01iQ==
x-cache-status
MISS
rid
760f1d0e7b5f2fab81b284f0b58b1326
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:52 GMT
server
gocache
etag
W/"94F78D16B766B62D3D107639104D3589"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
9474309360687385492
x-oss-server-time
1
layout@theme=1.794535e1c1f337236939.css
evamrx.r09uwjowqgvf.com/assets/
66 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/layout@theme=1.794535e1c1f337236939.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
862e9ab134e263940c26ffebf1604ff3dd7198d1f95cc9484ca5ad740b0fefb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:30 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0AD0409B35365A9E21
content-md5
4GIt5YrC5PnyI8XR0u7VlQ==
x-cache-status
MISS
rid
66c2acc1558df98ddcdda85882624cba
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:45 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
14775780684586437450
x-oss-server-time
23
layout@theme=1.b8a3c8ed89c52b814b17.js
evamrx.r09uwjowqgvf.com/assets/
88 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/layout@theme=1.b8a3c8ed89c52b814b17.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
827a1ab09c1bc733220fcf425aea2aa88ad706236399323cd469bd11f2b9ff04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0A1F85633333250D7B
content-md5
lMufKcP9aUHy5WTxBEFD2Q==
x-cache-status
MISS
rid
fe7b5d8910095d7e1c3c038331846e9e
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:43 GMT
server
gocache
etag
W/"94CB9F29C3FD6941F2E564F1044143D9"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2106009434836287657
x-oss-server-time
2
config_data.json
cdntoos.bprlk.com/cocos/
2 KB
2 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/cocos/config_data.json?timestamp=1719856650381
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
87726d01ba0af40980e7b5f1b6de40524cf334eafd2e39f50c05c0b49f226753

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:30 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6682EE0A9EB6B20B9B621254
content-md5
QPGgXPktxi4JSz97/Tglug==
x-amz-cf-pop
FRA60-P7
x-cache
Miss from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 16:42:23 GMT
server
AliyunOSS
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
max-age=86400
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
15961104916779713246
vary
Accept-Encoding
x-amz-cf-id
FQtlgScK22uW6tgwDTbhIvr7nCrmPD1yAiBIgkWHmdrH7jw2hlZl0Q==
x-oss-server-time
3
site-i18n-config@zh_CN.48a219b00cc158fa2380.js
evamrx.r09uwjowqgvf.com/assets/
147 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/site-i18n-config@zh_CN.48a219b00cc158fa2380.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
7df8a99bee128d89b177d2648f5d1dd154c1292e7b3f72094428fcab2ea8f9dd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0AF27FBE3038CECDFA
content-md5
bPjUftZK6UHivPbtUt7RIg==
x-cache-status
MISS
rid
cafba32478397190cbef097b95b00687
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:06 GMT
server
gocache
etag
W/"6CF8D47ED64AE941E2BCF6ED52DED122"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
6702805696091515868
x-oss-server-time
3
main.sprites.json
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/
457 KB
310 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/main.sprites.json?manualVersion=1&version=v4.0.419
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/main~9bf88260.f5778992b1cb09cf8fa3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
adb0f18d33ffd64a5fef82fa3c16d82f1273dcbfb7d94be2821b4426ebabd1a6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:20:48 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
668266E0FC4F3FB2ED356868
content-md5
wCcoyqQUZWCcuMckCzndOQ==
age
34602
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 04:00:10 GMT
server
AliyunOSS
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
max-age=86400
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
61597820168147877
vary
Accept-Encoding
x-amz-cf-id
b0mvgeLJKOEncqxT2Wz1NIPUdUKLp8-aWpUE4SzHoL0G8FdBUlGisw==
x-oss-server-time
58
sprite.svg
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/
811 KB
253 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/sprite.svg?manualVersion=1&version=v4.0.419
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
5a4324113cab5aefa0e207f696dbca744ec2d33cc176c2f221ecb7154307ba5c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:20:48 GMT
content-encoding
br
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
668266E06C78FC5FB135E7A0
content-md5
iOf8avfWHCwiZjiR/wmGWA==
age
34602
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 04:00:10 GMT
server
AliyunOSS
etag
W/"88E7FC6AF7D61C2C22663891FF098658"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
max-age=86400
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
4064331291789262662
vary
Accept-Encoding
x-amz-cf-id
4MpAnPgEQ1TqfA32rG_gaznUEwNmvCFQuUVcoZeLKnmiwSJT_IQA5w==
x-oss-server-time
2
assets.hash.json
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/
90 KB
21 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/assets.hash.json?timestamp=1719856650442
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
de3bddd56bd44190d70d96cb64b0cb88bbac2bf5c736332ad19a9e991d67cd02

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:30 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6682EE0A27077C6AA08D28B7
content-md5
oEo0pgGpnUB8Q6zTkRiMtQ==
x-amz-cf-pop
FRA60-P7
x-cache
Miss from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 04:00:11 GMT
server
AliyunOSS
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
max-age=86400
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
7220780208441065293
vary
Accept-Encoding
x-amz-cf-id
Wnk1GFHC4YHJJbcIeEPu1lBRZDlAtbpCzu3AfWgtzmoIrqmiqS-KmA==
x-oss-server-time
1
reportview
evamrx.cbtwen.com/hall/promote/binding/
0
0
Preflight
General
Full URL
https://evamrx.cbtwen.com/hall/promote/binding/reportview
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
appversion,auth,browserfingerid,clienttimezone,content-type,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method
POST
Origin
https://evamrx.r09uwjowqgvf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
appversion,auth,browserfingerid,clienttimezone,content-type,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
application/octet-stream
date
Mon, 01 Jul 2024 17:57:30 GMT
server
nginx
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-amz-cf-id
lvjtJ9C7ICe7hYlLByQTFT6nugefEbEt6UGDxbPyenNUT9fYut8K1Q==
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
comm_icon_gou.svg
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/web/common/
413 B
962 B
XHR
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/web/common/comm_icon_gou.svg?mode=mask&manualVersion=1&version=v4.0.419
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
4b4877375a7af765e2fa097e240b7051b28ca8133929ee7d44c49fedb8231591

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:39:24 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
66826B3C64BB29FA563F7C52
content-md5
RGnO11iVHKK2qu2jVLqKeA==
age
33487
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
413
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 07:04:22 GMT
server
AliyunOSS
etag
"4469CED758951CA2B6AAEDA354BA8A78"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
image/svg+xml
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
max-age=86400
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
16332130678314105
x-amz-cf-id
oeOcXposuN58kLRtO9doL1igvg7qp1u0ta_FJ6_holqAw6d8WiwknQ==
x-oss-server-time
3
1eecb865-431c-4773-a0ae-eb1620b8d901
https://evamrx.r09uwjowqgvf.com/
303 KB
0
Image
General
Full URL
blob:https://evamrx.r09uwjowqgvf.com/1eecb865-431c-4773-a0ae-eb1620b8d901
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1470b29bbaa753a47da6627a2f920ce8e75f850cfdbbdbf5e89f19438f09a22

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
309923
Content-Type
image/png
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd77baf5c92b4d189707bc93e6eb78d6bbc43f24a13ff5ee90c84763e690229f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
19 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90e152337c4e1fc4485d5ee6d51aaf7f1287eb1561b86e6dcf678de7ea00bf20

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
style@theme=1.b6ad122194c35521fcc1.css
evamrx.r09uwjowqgvf.com/assets/
625 B
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/style@theme=1.b6ad122194c35521fcc1.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
c7d5a459ffcef60356d5b15615583d02415604953f0ee15713286bebb69df0b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0BF27FBE30381AD3FA
content-md5
jfbT0BMK9KpYEe31CC+kPA==
x-cache-status
MISS
rid
0f00755b3192cbf8428a6115f70885ec
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:55 GMT
server
gocache
etag
W/"8DF6D3D0130AF4AA5811EDF5082FA43C"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
3436057668424300108
x-oss-server-time
1
style@theme=1.661c049c29d75cd565b1.js
evamrx.r09uwjowqgvf.com/assets/
151 B
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/style@theme=1.661c049c29d75cd565b1.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
984a79b5b6ddb61594e3c9774933b4c33196d719d44532d589173ad6886791b2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0B4C8B37303734EE7C
content-md5
9/4yRDwKD7OA8yH1vFb3nw==
x-cache-status
MISS
rid
1f4be411ff26a91b7b738096ab9f5533
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:55 GMT
server
gocache
etag
W/"F7FE32443C0A0FB380F321F5BC56F79F"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
11754132589776546272
x-oss-server-time
6
9798.78e4f0428dea8051c71b.css
evamrx.r09uwjowqgvf.com/assets/
993 B
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/9798.78e4f0428dea8051c71b.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
b5a91ae6a68da9dd0a153313affaa6061aedcab73eaeb2feab7177f57139dc3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0BD0409B353616A421
content-md5
UheUnIOE23iM5ablDSboDA==
x-cache-status
MISS
rid
3ec2718efb82336042f5987911f12a62
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:39 GMT
server
gocache
etag
W/"5217949C8384DB788CE5A6E50D26E80C"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10028743080157342418
x-oss-server-time
2
9798.4f5aab1919c46e284d9a.js
evamrx.r09uwjowqgvf.com/assets/
347 B
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/9798.4f5aab1919c46e284d9a.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
be65050fd3967355a2c37eac6b52bd04be7fe09cc726826acf73d136ffaad0d4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0B1F8563333361137B
content-md5
Xh6FYVf0IQxS8AYwwFGsuQ==
x-cache-status
MISS
rid
4ea4f7e69583677aaa57886325f39131
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:39 GMT
server
gocache
etag
W/"5E1E856157F4210C52F00630C051ACB9"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
17856786016509065391
x-oss-server-time
1
zh.json
cdntoos.bprlk.com/hall/api/lobby/site/getSiteInfo/language/
3 KB
3 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/api/lobby/site/getSiteInfo/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
1d101a8478615a1f948199e489f04632e2506e8e4c0f743c7e29e62455214629

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:34 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
66824B53678B8E40C7F51D49
content-md5
aCPcKFqVwTGfhxmySzVyYw==
age
237
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 03:51:52 GMT
server
AliyunOSS
etag
"6823DC285A95C1319F8719B24B357263"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10785281141170141039
vary
Accept-Encoding
x-amz-cf-id
i-7pn6n1n45OPxUvgoKpbfgneOcNsrvEfZrpIDQSZ2MNKCum5yGC4A==
x-oss-server-time
2
5.json
cdntoos.bprlk.com/hall/system/status/currency/CNY/language/zh/osType/4/platformType/
0
0

5.json
cdntoos.bprlk.com/hall/api/lobby/webapi/optimization/site/config/language/zh/platformType/
12 KB
9 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/api/lobby/webapi/optimization/site/config/language/zh/platformType/5.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
36a8ddf2b5d6d6057178cfc1e260586494fde737bb63667dd3896ad9a8d81b5f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:34 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6682092043CB4DDD807734E4
content-md5
NpN2p1dY3/B5GDZdXeaZig==
age
237
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Sun, 30 Jun 2024 19:07:47 GMT
server
AliyunOSS
etag
"369376A75758DFF07918365D5DE6998A"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
13628521337225046667
vary
Accept-Encoding
x-amz-cf-id
uIwWcqDHzEP3VR9n3nNcBp48gq0REfd9U_z3PXb44bRRDSplLWp2oQ==
x-oss-server-time
11
maintain-time.json
cdntoos.bprlk.com/cocos/
395 B
742 B
XHR
General
Full URL
https://cdntoos.bprlk.com/cocos/maintain-time.json?timestamp=1719856651349
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
b34f0cd16c7de922ce00eee4d532270f237fba336e28c364a3fb716c5f990343

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6682EE0B678B8E40C763DABB
x-amz-cf-pop
FRA60-P7
x-cache
Error from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
395
server
AliyunOSS
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/xml
access-control-allow-origin
*
access-control-expose-headers
Etag
x-oss-ec
0026-00000001
x-amz-cf-id
LAatL9mn1qDDp_9cy7h8wBJvmus0ccIvDDEuUww3XrS92GqMLo83Eg==
x-oss-server-time
2
7079.700ab89a217fe69a3e59.js
evamrx.r09uwjowqgvf.com/assets/
2 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/7079.700ab89a217fe69a3e59.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
6ed61a78fa4c7697cea7853b1ceeb0305eef042e9e6d34e14ea239534735381b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0B4C8B373037E4EE7C
content-md5
kAiZPqM6UC8h8SVMZ8ouCg==
x-cache-status
MISS
rid
5dc5f9b0a6038a70aa8d26cff6a4c292
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:39 GMT
server
gocache
etag
W/"9008993EA33A502F21F1254C67CA2E0A"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
17602654883093884324
x-oss-server-time
15
5419.8b85c75646ffe41c2e13.css
evamrx.r09uwjowqgvf.com/assets/
9 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/5419.8b85c75646ffe41c2e13.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
4e89748aecccae426b960630a5336069417ffad213d305d29c261bff0f6f09c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0B1F85633333FA137B
content-md5
EJgvNTCqzGpy0fYAAxjiKA==
x-cache-status
MISS
rid
9b984bb61c07829ae6c53cdb51614c2a
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
15636462324424733967
x-oss-server-time
5
5419.ccc8aada82b4b4bcd57d.js
evamrx.r09uwjowqgvf.com/assets/
29 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/5419.ccc8aada82b4b4bcd57d.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
784c5ab715f626b3d62f32e64e2cf3c6301eda59d5090ece715d593082ce6bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0BD0409B353627A521
content-md5
2iZbOpEsu7tFAMfJrSSmkw==
x-cache-status
MISS
rid
3a082dc669137d87b8382b344ab913a3
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"DA265B3A912CBBBB4500C7C9AD24A693"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
14545085247494673362
x-oss-server-time
5
3203.0bea260af966004541d9.js
evamrx.r09uwjowqgvf.com/assets/
4 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/3203.0bea260af966004541d9.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
246fbc3aeb628e2952113206af909bef6f3eb8dca1437adacbadfcbc5ca79dfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0BF27FBE30381CD4FA
content-md5
jZMAAWlwIgn/gqAx9CBgfA==
x-cache-status
MISS
rid
a239e40067988ce7699a4e42f5c114c8
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"8D93000169702209FF82A031F420607C"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
13795954780472863708
x-oss-server-time
1
6311.b7fc00cc2e35ba6924ef.css
evamrx.r09uwjowqgvf.com/assets/
7 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/6311.b7fc00cc2e35ba6924ef.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
c8a2ea77c506d68eddea1a27762f83809b32e487d95434d6845095cd921f9917
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0B4C8B3730376FEF7C
content-md5
J9srEfF8t0HMNy7pN2yt3w==
x-cache-status
MISS
rid
b33c14817b9ec3c5eb19ad8395defc74
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
13974744449496413855
x-oss-server-time
1
6311.075c968bf9cb0226b6ad.js
evamrx.r09uwjowqgvf.com/assets/
9 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/6311.075c968bf9cb0226b6ad.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
f2742e4343a0d506b9b50cc2bdd2a5744e26a8e8fbc9053d5d487177722e7b1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0BDA8A79333189893D
content-md5
rkv06YA16963eW8KTYBL4Q==
x-cache-status
MISS
rid
3716b8347b12c3a5050b6ddbfb14d653
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"AE4BF4E98035EBDEB7796F0A4D804BE1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
17294332950848765196
x-oss-server-time
12
3123.5d9c399e0c2ddb09304f.css
evamrx.r09uwjowqgvf.com/assets/
3 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/3123.5d9c399e0c2ddb09304f.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
1e1a165da26f0778b939f56cb8e7c6ae4476d06d726505825342f3a65fa3a583
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0BD0409B3536CBA521
content-md5
Ky9Zm8f0XHyCdymV3mjlHg==
x-cache-status
MISS
rid
e5785e2be636019d22d3eef24d4c5afa
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
8479584134592404210
x-oss-server-time
2
3123.156a2acd0ec4fd7c87b3.js
evamrx.r09uwjowqgvf.com/assets/
6 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/3123.156a2acd0ec4fd7c87b3.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
9bae2da2ef38cec17b63fa8c8d336673d8f98f4a23e85cd5781b9556580084d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0BB374843836C70FA6
content-md5
afSP5XUbYPp+C1DWkRzDGQ==
x-cache-status
MISS
rid
7e179785a6770fbed8fcdc2734da7e5f
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"69F48FE5751B60FA7E0B50D6911CC319"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
17773909576988507445
x-oss-server-time
2
1943.571d2f3e54ff031a22c1.css
evamrx.r09uwjowqgvf.com/assets/
26 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/1943.571d2f3e54ff031a22c1.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
5531ffbfc4bea2c2c0882d34c200d38d0d6a7648f7f4c87a9a4dca4b928b2c24
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0BF27FBE3038D9D4FA
content-md5
ZYhPc3403J9I/8tviYDeRA==
x-cache-status
MISS
rid
241540fb947c0909573b75cc134f8ae2
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:42 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2566366328197951335
x-oss-server-time
3
1943.0f61ec034b1cabb055cb.js
evamrx.r09uwjowqgvf.com/assets/
23 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/1943.0f61ec034b1cabb055cb.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
99489ab0188e247840fd0f1a122bc82abe38b449a676c523dd4c9d5524322773
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0BB374843131CA0FA6
content-md5
GNEeQqGWb25CsxFPN5a7tQ==
x-cache-status
MISS
rid
f054d4d98114f9fa88c57d6d2f504e0d
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:42 GMT
server
gocache
etag
W/"18D11E42A1966F6E42B3114F3796BBB5"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2980109096113363740
x-oss-server-time
5
1256.4f7307e1d86b07d1aa6f.css
evamrx.r09uwjowqgvf.com/assets/
530 B
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/1256.4f7307e1d86b07d1aa6f.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
62ee1198cf40758a2d3a919eaf275b832b609b9660a3aae7dfc836026a79feb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0B1F856333338E147B
content-md5
WX5/hBQk+VNils9zSXoetA==
x-cache-status
MISS
rid
f4e44b78033fda5b8ae119d3ce1dd69f
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"597E7F841424F9536296CF73497A1EB4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
13405930401309480728
x-oss-server-time
1
1256.d45118cec4fa1107ba99.js
evamrx.r09uwjowqgvf.com/assets/
970 B
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/1256.d45118cec4fa1107ba99.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
481dde1414f9a9996cf35cdb7a7fa412adc6b6d41569c9552718e1362da342e9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0B7E084E353473AEC5
content-md5
4YbltJVpkffClPr4RVnQnA==
x-cache-status
MISS
rid
f2d1e3ee5372c44e38f3ed13540180e4
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:39 GMT
server
gocache
etag
W/"E186E5B4956991F7C294FAF84559D09C"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
1999045581184865396
x-oss-server-time
3
3915.56b398dd65d90d63cf92.css
evamrx.r09uwjowqgvf.com/assets/
4 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/3915.56b398dd65d90d63cf92.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
3f1e8b18f11e7a4e47b35dc8927a915a2aa622d2a93af5033da1bce413c6be4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0BDA8A79313543893D
content-md5
KK25t/jc/Std6sEz4HIvhA==
x-cache-status
MISS
rid
a9a8a964419283178735c18daf8dae9e
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:39 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10239323282974809638
x-oss-server-time
5
3915.60f7929adf491513cd99.js
evamrx.r09uwjowqgvf.com/assets/
6 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/3915.60f7929adf491513cd99.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
890bf4ff46b24c5b1e44fd81d5ce3b3f9a76c58345ca6d1596eac50786c24c51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0B1F85633330E3147B
content-md5
aSwBM3eLqHOWz6MgDTR6Jw==
x-cache-status
MISS
rid
247bfd87503c96940b879610ac999a1c
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"692C0133778BA87396CFA3200D347A27"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
8107677207782668190
x-oss-server-time
2
5653.65c93dbc0321f9e09383.js
evamrx.r09uwjowqgvf.com/assets/
2 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/5653.65c93dbc0321f9e09383.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
f573ac0ddc497e9d88f996495fc32d08f5e3db62bcf5688fab1cb8d88544ae9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?cid=910935&type=4&currency=CNY&id=30055099
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0B23C05436359065F7
content-md5
lSG8bGvO0lzekj9uEYtDBg==
x-cache-status
MISS
rid
4babd98c3ccb5eb6c386e6158ae91e56
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:39 GMT
server
gocache
etag
W/"9521BC6C6BCED25CDE923F6E118B4306"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
9468150830146461696
x-oss-server-time
5
default.json
cdntoos.bprlk.com/hall/active/isShowV2/
492 B
1 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/active/isShowV2/default.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
78f64d95a477a008f4a7cb3e0e188ef1e8d58abb479b37bb9c9a18d7ab6daa96

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:51:37 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
666FAC9BFC4F3FAD04793EF1
content-md5
SfzGc5bihsv0LzZhSIfMmQ==
age
354
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
492
x-oss-object-type
Normal
last-modified
Mon, 10 Jun 2024 08:29:00 GMT
server
AliyunOSS
etag
"49FCC67396E286CBF42F36614887CC99"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4505137619586048792
vary
Accept-Encoding
x-amz-cf-id
hVVWx_p3cWZZBSeK_D2wXkxjRDMGcdIDu7EXu5_pACB_BNbRJwAYNA==
x-oss-server-time
1
4.json
cdntoos.bprlk.com/hall/home/maxChargeRate/currency/CNY/osType/
88 B
653 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/home/maxChargeRate/currency/CNY/osType/4.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
346747b2a455780bbd0726a8c53c972a783703667900b5114cfed5c86fc01796

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:32 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6682C80D34FAB6585840D481
content-md5
mGXJRmH4VzZ7FIsrZRZ4fw==
x-amz-cf-pop
FRA60-P7
x-cache
RefreshHit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
88
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 14:37:00 GMT
server
AliyunOSS
etag
"9865C94661F857367B148B2B6516787F"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4899417709831758316
vary
Accept-Encoding
x-amz-cf-id
feAeJ3mfNpqXMNBaRlEcglYUqiLG_3JQqE0PUNV-vvs5TYZkmgXNIg==
x-oss-server-time
2
zh.json
cdntoos.bprlk.com/hall/api/game/hall/listPlatformCateLoadV2/currency/CNY/language/
33 KB
21 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/api/game/hall/listPlatformCateLoadV2/currency/CNY/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6600065833bac61e2423e9120771a8cfc76b9de09545cef4dcb8974dcaf60e95

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:51:38 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
66828AE568A37465D1875421
content-md5
QG+Tc5H8VRG4PGjVoanAgw==
age
353
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 07:18:29 GMT
server
AliyunOSS
etag
"406F937391FC5511B83C68D5A1A9C083"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
15345352094893179401
vary
Accept-Encoding
x-amz-cf-id
xhXeyRdG1fxo57qrlJrgk7Qw1fl8VqYAcvhdUZJhWlJ3-WXHnutj2w==
x-oss-server-time
2
zh.json
cdntoos.bprlk.com/hall/api/game/hall/listExtLinkV2/currency/CNY/language/
128 B
691 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/api/game/hall/listExtLinkV2/currency/CNY/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
fbb335a27793c3ef31e3aae46e5c539b1ab6bec034cae7ab098d0cc645da0e64

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:51:38 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6681B912F6401B632C1AC220
content-md5
H335IL7JpbQE0Gvr6bbIZw==
age
353
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
128
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 16:00:02 GMT
server
AliyunOSS
etag
"1F7DF920BEC9A5B404D06BEBE9B6C867"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
8926158916940103284
vary
Accept-Encoding
x-amz-cf-id
lTzw2CklWO_fcrbiqSYqnc_7T6rQXmwcBgJXiDnoUmk5Eh_Ag_OHZQ==
x-oss-server-time
1
CNY.json
cdntoos.bprlk.com/hall/api/game/hall/listVirtualBonusPoolV2/currency/
128 B
689 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/api/game/hall/listVirtualBonusPoolV2/currency/CNY.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
881c529c9385df997480accac9df36298b928b1bfedf0981264cdd083aef3b2d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:32 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6682509064BB29FA560342E6
content-md5
QfqeO1Hz92F6heDGSxA4Ig==
x-amz-cf-pop
FRA60-P7
x-cache
RefreshHit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
128
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 16:00:02 GMT
server
AliyunOSS
etag
"41FA9E3B51F3F7617A85E0C64B103822"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=300,public,max-age=0
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
2177277566785585840
vary
Accept-Encoding
x-amz-cf-id
BCa8FmdREHOFSdKxh7BVG78eNMNXCcAJ2eknLbn0criQRMpTZUn3_g==
x-oss-server-time
4
zh.json
cdntoos.bprlk.com/hall/active/category/currency/CNY/language/
43 KB
25 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/active/category/currency/CNY/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
9eb46f7ec7dc725569a4c5182412acd65206fe8af5695c539e6da63935587e6c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:34 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
666D07CBFC4F3FAD04513C9A
content-md5
hVRCdwYl4zOtPfWawBSdfw==
age
237
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 10 Jun 2024 08:27:00 GMT
server
AliyunOSS
etag
"855442770625E333AD3DF59AC0149D7F"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
16861252199322181916
vary
Accept-Encoding
x-amz-cf-id
udD6xWtwIRrgR5oQ1lAnvSP6NxLGjtWBSFo6hqCu5Uuk4BiUiVhn5w==
x-oss-server-time
2
zh.json
cdntoos.bprlk.com/hall/api/game/hall/hotListV2/currency/CNY/language/
896 B
1 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/api/game/hall/hotListV2/currency/CNY/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
0ba02a1c50807bbeabb26ad9f0af5188d95c3883c5bf0995c57d87dc57ae77a2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:51:39 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
668296E7EDBE262BC7ADBAF9
content-md5
ySvfGFuxpbzQu7RVINWTKQ==
age
353
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
896
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 11:42:24 GMT
server
AliyunOSS
etag
"C92BDF185BB1A5BCD0BBB45520D59329"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
15501588331462138148
vary
Accept-Encoding
x-amz-cf-id
RYyZB9X62eKMSSD9LtceO7SBGsZSdalNqUPRW5dxrZK_TAsSzQXlEA==
x-oss-server-time
2
10.json
cdntoos.bprlk.com/hall/message/all/index/currency/CNY/language/zh/list/0/marqueePage/1/marqueeSize/
2 KB
2 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/message/all/index/currency/CNY/language/zh/list/0/marqueePage/1/marqueeSize/10.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
eba5dbd09c7f7d6f7e2270765084f7bb41345a5431f9ac2eea25de0ad39bc253

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:34 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
66822E6EEDBE262BC7C3259B
content-md5
k03dOClKkYdHrD40RRpseg==
age
238
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 04:13:30 GMT
server
AliyunOSS
etag
"934DDD38294A918747AC3E34451A6C7A"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2377808830562003779
vary
Accept-Encoding
x-amz-cf-id
UWrKIeldRTNYWCrDOx8tizh8pOwPUNmDyau3SYI6dUae2KwjzQTf0A==
x-oss-server-time
4
piaspeed.png
evamrx.cbtwen.com/
2 B
277 B
Fetch
General
Full URL
https://evamrx.cbtwen.com/piaspeed.png
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/main~9bf88260.f5778992b1cb09cf8fa3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 09:39:17 GMT
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
server
nginx
age
2362695
x-amz-cf-pop
AMS58-P5
access-control-max-age
3600
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
2
x-amz-cf-id
mgh7MBc6EnGiqq_m5PomBdGhhAcUVMxlDxf0I5jBG62hoMnW_jEuJQ==
piaspeed.png
js.d15ucryyr.com/
2 B
260 B
Fetch
General
Full URL
https://js.d15ucryyr.com/piaspeed.png
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/main~9bf88260.f5778992b1cb09cf8fa3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.203.26.91 Hong Kong, Hong Kong, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
gocache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:34 GMT
c-type
st
server
gocache
x-cache-status
MISS
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
rid
77e81c995ce42e35c5cc5d090d295e7a
content-length
2
expires
Tue, 02 Jul 2024 17:57:34 GMT
piaspeed.png
cdnapiif.conbnw.com/
2 B
379 B
Fetch
General
Full URL
https://cdnapiif.conbnw.com/piaspeed.png
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/main~9bf88260.f5778992b1cb09cf8fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2249:5600:10:2233:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:02:43 GMT
via
1.1 1d436979dbc6be1a36db9f38bc4fa80e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP63-P4
age
1785289
access-control-max-age
3600
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
2
x-amz-cf-id
3RSdJ-CPNIjOKONNw_AjzfQRMbQOmW9oKHfoITCu27VlnsOQo7PKMg==
5.json
www.yongli-oss.com/hall/system/status/currency/CNY/language/zh/osType/4/platformType/
13 KB
10 KB
XHR
General
Full URL
https://www.yongli-oss.com/hall/system/status/currency/CNY/language/zh/osType/4/platformType/5.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.203.26.93 Hong Kong, Hong Kong, ASN146993 (DBL-AS-AP DEEP BRIGHT LIMITED, MY),
Reverse DNS
Software
gocache /
Resource Hash
4bd3076350da34742ad2ca01cdc5ef0a205a4db1b528df50e6414c9fa3dc8539

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:35 GMT
content-encoding
gzip
x-oss-request-id
6682EE0E3B2202A74E65CFEB
content-md5
ntBjcZVZ/rf8WN24+rzETg==
content-disposition
attachment
rid
b5998d25d8dbfda8a941ec97e23a028d
x-oss-object-type
Normal
c-type
df
last-modified
Thu, 27 Jun 2024 09:34:00 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
no-cache
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
15265987659578084254
x-oss-server-time
1
expires
Thu, 01 Jan 1970 00:00:01 GMT
webPushSdk.min.2.1.0.js
evamrx.r09uwjowqgvf.com/libs/webPush@2.1.0/
100 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/libs/webPush@2.1.0/webPushSdk.min.2.1.0.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/main~9bf88260.f5778992b1cb09cf8fa3.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
a69fa3ccd6ccc8b251dc3609f2c4a2c399e3f94f4583ad590db81c9622cc305d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0CB3748431315914A6
content-md5
LHKIIdWAqcpFnIhIzYtj4w==
x-cache-status
MISS
rid
bcf130987508df5fbb67ed19f0c7aa0d
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:12 GMT
server
gocache
etag
W/"2C728821D580A9CA459C8848CD8B63E3"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
8677893404008255392
x-oss-server-time
6
1757368421239349250.png
cdntoos.bprlk.com/siteadmin/upload/img/
9 KB
10 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/upload/img/1757368421239349250.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3a00:c:5d83:e700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
46b344b5b2f31242243c1c6b9d67e7f800c4888d0d4bf7f396ae01e76a690706

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:34:51 GMT
via
1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
x-oss-request-id
6680EE64678B8E40C75F4F4D
content-md5
OKBQ2cO+iHs4wVTSS4HDQQ==
x-amz-cf-pop
FRA60-P7
age
44561
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
9588
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 13:16:55 GMT
server
AliyunOSS
etag
"38A050D9C3BE887B38C154D24B81C341"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
s-maxage=86400,max-age=1800,public
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12541293456544544259
x-amz-cf-id
034E8A6AeaNH1hPXIo4x8lGlniGbxkkNIP-K0BxKijYSPa5OH_1SYw==
x-oss-server-time
18
truncated
/
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44d5041f007d30a9b7079bd3a42ef6da96c4cda10a25b1bcc5a0a6f92b0aadcc

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
maintain-time.json
www.yongli-oss.com/cocos/
395 B
531 B
XHR
General
Full URL
https://www.yongli-oss.com/cocos/maintain-time.json?timestamp=1719856652615
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.203.26.93 Hong Kong, Hong Kong, ASN146993 (DBL-AS-AP DEEP BRIGHT LIMITED, MY),
Reverse DNS
Software
gocache /
Resource Hash
c343d925dda73dab15fdf6456175001d2fe3179c751e23e1927cc7485b215805

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:34 GMT
content-encoding
br
x-oss-request-id
6682EE0EFC4F3FB2ED66FD69
server
gocache
access-control-max-age
200
vary
Accept-Encoding
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
content-type
application/xml
x-oss-ec
0026-00000001
x-oss-server-time
1
zh.json
cdntoos.bprlk.com/hall/customer/getWebTrans/language/
675 KB
423 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/customer/getWebTrans/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
c3f74a0d9de999e8054a1a875d0bd3cee9b6bdb297b13fecb7204ccbf77dae5b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:33 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
668271A8678B8E40C74BA6B8
content-md5
vx/xK/mgujEoFOg2EnGl0g==
age
240
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 08:41:30 GMT
server
AliyunOSS
etag
"BF1FF12BF9A0BA312814E8361271A5D2"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2039828579529586608
vary
Accept-Encoding
x-amz-cf-id
m0KEXGuJfV4bEgdVvJxXIuswJLOTAg3oNREmbQKcO4LyWwh4Wn3eqA==
x-oss-server-time
4
icon_dt_pmd.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/web/home/
0
0

btn_zc1_1.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/web/common/
2 KB
3 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/web/common/btn_zc1_1.webp?manualVersion=1&version=9d973c966a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
d782c5e559cf7b30f321cd32816cf66c016b7caba683f9ed1d81d37be2ba89d8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:35:07 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667F95FB3B2202A74ECAE020
content-md5
33YlTn96ybSHxPtWRmdeDg==
age
44546
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
2334
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 04:00:10 GMT
server
AliyunOSS
etag
"DF76254E7F7AC9B487C4FB5646675E0E"
vary
Accept-Encoding
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
17760251549424339
x-amz-cf-id
amozBYuSckQqBSNZS8fWwL2g-BHsMWSsAdxHhHn6HC_nkHu8Q6IbgA==
x-oss-server-time
18
icon_dtfl_rm_1.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-common/common/_sprite/
3 KB
3 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-common/common/_sprite/icon_dtfl_rm_1.webp?manualVersion=1&version=2d13910092
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
b0a16dae14534ad906d04402b629d77d592705f21f6578f994853608a97295be

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:35:07 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667F95FB678B8E40C7CC77B8
content-md5
PzWWF41bWqRWe1h5cvI1xg==
age
44546
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
2780
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 04:00:10 GMT
server
AliyunOSS
etag
"3F3596178D5B5AA4567B587972F235C6"
vary
Accept-Encoding
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
16890822322075154649
x-amz-cf-id
zYJRbYOY6soo0jKQ8D3p4byl5mW-irtNhdnaaz-c07hYnvKrAH9Kfw==
x-oss-server-time
15
bg_pattern_tile.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/common/common/
40 B
562 B
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/common/common/bg_pattern_tile.webp?manualVersion=1&version=577389b436
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
870b1e0cdc6c05e8e41db7f365ce5927b83b4917d061aa47efae33491aa5ca5a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:06:06 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667CED803B2202A74EBBCB5E
content-md5
2e+N6VF5H4Fmjbr+5sWNgw==
age
46287
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
40
x-oss-object-type
Normal
last-modified
Thu, 27 Jun 2024 03:35:47 GMT
server
AliyunOSS
etag
"D9EF8DE951791F81668DBAFEE6C58D83"
vary
Accept-Encoding
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
9717282602007006686
x-amz-cf-id
Tmfj_lpLpIbLno01ljzIBGGTSC_TRrw4OJUvnQqPX71BtrAHQ1bTxw==
x-oss-server-time
1
8325.672ba7471721aec62ba0.js
evamrx.r09uwjowqgvf.com/assets/
7 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/8325.672ba7471721aec62ba0.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
b31400b92b43fdecb3da3189faec45089551743cf463580d058b517bc7356c45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0DB374843131C219A6
content-md5
ErqHoZrJNfY6fi/XHeDXwQ==
x-cache-status
MISS
rid
bbd2e6f751d9cf1dba3a2d604bac1b28
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"12BA87A19AC935F63A7E2FD71DE0D7C1"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
1706046265055939337
x-oss-server-time
2
zh.json
cdntoos.bprlk.com/hall/promote/config/agentMode/language/
152 B
715 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/promote/config/agentMode/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
5a411e5b2e3c7253ea677c1dfbcd2a7ad6ca6e662978e27bef841df0cdef4085

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:36 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
666D7ED00D92D941F787682C
content-md5
3pYhhjVHFFq7zpDYpKarSQ==
age
237
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
152
x-oss-object-type
Normal
last-modified
Mon, 10 Jun 2024 08:27:00 GMT
server
AliyunOSS
etag
"DE9621863547145ABBCE90D8A4A6AB49"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
6712694986229688723
vary
Accept-Encoding
x-amz-cf-id
YG2lKQy2fKAcjpVbfS76NaNVKxt08zkZJg8xn99W6Pvxebtn6VFY_Q==
x-oss-server-time
2
h5icon.ico
cdntoos.bprlk.com/cocos/lg/
4 KB
0
Other
General
Full URL
https://cdntoos.bprlk.com/cocos/lg/h5icon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275b:3a00:c:5d83:e700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c4f80fc2a6c8fb3797742654f08e005af78e7d305601ff0a7576d8d7f8ba1440

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 15:15:24 GMT
via
1.1 85b175d782816d34ed73f9ca030bf062.cloudfront.net (CloudFront)
x-oss-request-id
668176523B2202A74E9C3D40
content-md5
R5CWw10aqefbZ999TKvS/w==
x-amz-cf-pop
FRA60-P7
age
9725
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
4286
x-oss-object-type
Normal
last-modified
Tue, 13 Feb 2024 11:44:52 GMT
server
AliyunOSS
etag
"479096C35D1AA9E7DB67DF7D4CABD2FF"
vary
Accept-Encoding
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
16427774967656340305
x-amz-cf-id
QNr1obR9BKijXQD-TA0V1bzckTbLRI264EVOT7GpFdUs88YFitKTew==
x-oss-server-time
1
footer@theme=1.cb7c6322293210194a0a.css
evamrx.r09uwjowqgvf.com/assets/
6 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/footer@theme=1.cb7c6322293210194a0a.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
32e3ae899ed5a52cfc5be2703b684947b5474aa8e176c79e2c2793169c157d4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:33 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0DB3748431311E1AA6
content-md5
yuDRwDJQGQD5Umb+KmJbCQ==
x-cache-status
MISS
rid
81033ce4c86770be997f46b16066d0d6
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
986240778728940696
x-oss-server-time
24
footer@theme=1.33a661aeedf7f6b40783.js
evamrx.r09uwjowqgvf.com/assets/
3 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/footer@theme=1.33a661aeedf7f6b40783.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
e685a3e2626b5be478fef0d889ffbe20174ff240f6dd5d1bccd3228bb62e5f58
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0DDA8A79333113943D
content-md5
oy79dn9cPixRVcMaCDAs0A==
x-cache-status
MISS
rid
642082af143d8092692bfa3aa015e4c7
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"A32EFD767F5C3E2C5155C31A08302CD0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
9290218106079527736
x-oss-server-time
3
zh.json
cdntoos.bprlk.com/hall/api/lobby/footerConfig/getInfo/language/
3 KB
3 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/api/lobby/footerConfig/getInfo/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
72b39a7fd154d9e2de0c2aa01cf6ed936d94f66d8a41986bdefe13577c48d225

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:34 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
668201709EB6B20B9B69C8BC
content-md5
ZUtHQu0PkaCetw4ZTeJGeQ==
age
239
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Sun, 30 Jun 2024 19:07:47 GMT
server
AliyunOSS
etag
"654B4742ED0F91A09EB70E194DE24679"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
276833325354041222
vary
Accept-Encoding
x-amz-cf-id
2mfbxReX0jk5JQksKP8vGWBCfmcViUDGpKHn90V4NvenR6NkihLKyA==
x-oss-server-time
10
zh.json
cdntoos.bprlk.com/hall/api/lobby/aboutUs/index/getInfo/language/
128 B
690 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/api/lobby/aboutUs/index/getInfo/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
beb73f12f812820879dc6265154d1fab66d6f439316acacbaee8bb6c11c8bf08

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:34 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
66824ED23B2202A74EFD9A79
content-md5
qvIVRVxxBetK9trac4JA4g==
age
239
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
128
x-oss-object-type
Normal
last-modified
Sun, 30 Jun 2024 19:07:47 GMT
server
AliyunOSS
etag
"AAF215455C7105EB4AF6DADA738240E2"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4602953496799251153
vary
Accept-Encoding
x-amz-cf-id
3cbqyYing1BaGmoxiecEuykYQG1ML9XwgEmE0GUQzYHQdlLC9LhDNA==
x-oss-server-time
1
getDownloadUrl
evamrx.cbtwen.com/hall/download/
0
0
Preflight
General
Full URL
https://evamrx.cbtwen.com/hall/download/getDownloadUrl?siteCode=1000&token=b2e3d672-9d88-47a7-81b4-9d7ffc62054f&currency=CNY&language=zh&platformType=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
appversion,auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method
GET
Origin
https://evamrx.r09uwjowqgvf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
appversion,auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
application/octet-stream
date
Mon, 01 Jul 2024 17:57:33 GMT
server
nginx
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-amz-cf-id
9grP20RVr-4-jDwRpG_y6Zn7XIjZVFJlADi69a8ouJJZNXjxqic5pw==
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
3923.e273ff99e2d21f73677b.js
evamrx.r09uwjowqgvf.com/assets/
3 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/3923.e273ff99e2d21f73677b.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
11be581b42fb4c2210864f3e6baff83a6f0b6f8085306a6f623c786191185fac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:33 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0DB374843131A41AA6
content-md5
GkuKXPZbAyRWUc1P/7UsRw==
x-cache-status
MISS
rid
ee4678a477d26463f08a24a301d52562
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:39 GMT
server
gocache
etag
W/"1A4B8A5CF65B03245651CD4FFFB52C47"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
9343445313366632811
x-oss-server-time
1
910935.json
cdntoos.bprlk.com/hall/api/lobby/channel/go/getChannelInfoById/id/
704 B
1 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/api/lobby/channel/go/getChannelInfoById/id/910935.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6e71d232a5c3b95e14822b2904c594ae6d424565b0a4c2baaa5c86f8b66cf0dc

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:56:15 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6682A43F6C78FC5FB1CADE88
content-md5
xwPycLI7jxUf7rj+ZahygQ==
age
78
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
704
x-oss-object-type
Normal
last-modified
Sun, 30 Jun 2024 19:07:48 GMT
server
AliyunOSS
etag
"C703F270B23B8F151FEEB8FE65A87281"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11520095157616901522
vary
Accept-Encoding
x-amz-cf-id
9Q61opgb-pJXcOUWK3Ri_aYhAPRmYNw44WNsnAY-LyMyw2kJRyCPjA==
x-oss-server-time
1
getForceUpdate.json
cdntoos.bprlk.com/hall/api/lobby/webapi/forceUpdate/
428 B
993 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/api/lobby/webapi/forceUpdate/getForceUpdate.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
d62831be8422e9dcd13b620deb8757c169beb4b6527f408473d6c6ca3695c875

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:34 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6682699E4E63C5DCF43BA777
content-md5
/9NICNtszWGgFOlmyzoS0g==
age
239
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
428
x-oss-object-type
Normal
last-modified
Mon, 24 Jun 2024 17:17:29 GMT
server
AliyunOSS
etag
"FFD34808DB6CCD61A014E966CB3A12D2"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
15064967506659720624
vary
Accept-Encoding
x-amz-cf-id
nlkF5dKLyqf80AO1j_tkOCrc728TUE5nHzFzyLpAzlVZ2Vd9v0-wYw==
x-oss-server-time
1
default.json
cdntoos.bprlk.com/hall/activetask/newcomer_benefit_reward/
108 B
672 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/activetask/newcomer_benefit_reward/default.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ef5c0c32f5cde0b8740ebdc5db77a93b05c8cea2b328144d4ea5515f6313b43e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:51:42 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
666FAC9A68A37403AA7E0ECA
content-md5
dBbLTPbeHaWLbHPWdgr+9w==
age
351
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
108
x-oss-object-type
Normal
last-modified
Mon, 10 Jun 2024 08:26:30 GMT
server
AliyunOSS
etag
"7416CB4CF6DE1DA58B6C73D6760AFEF7"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
8570998019666154852
vary
Accept-Encoding
x-amz-cf-id
3onFQ6jMPcgPm8VbjFJgwvB69g3wjgcToLnEskpcqB90Rq_-V9JZ4g==
x-oss-server-time
2
getDownloadUrl
evamrx.cbtwen.com/hall/download/
2 KB
1 KB
XHR
General
Full URL
https://evamrx.cbtwen.com/hall/download/getDownloadUrl?siteCode=1000&token=b2e3d672-9d88-47a7-81b4-9d7ffc62054f&currency=CNY&language=zh&platformType=5
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
57c153bc5258aedb951075de9237ce602ccff6e5dc038c776009150abf6d503f

Request headers

devicetype
3
x-version
4.0.419
appVersion
v4.0.419
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
nonce
53b7c17a-f6e1-4c27-ab50-6eaaefdcbc54
isWgPackage
false
language
zh
accept-language
zh
browserfingerid
isSpeedPackae
false
device
8f6afd4d-dd54-4199-8b60-b20c2cc8f541
x-request-id
53b7c17a-f6e1-4c27-ab50-6eaaefdcbc54
sign
hDlxAOO9DUMW7TwKrnH9m/AedpEepXbM1i9PVyfdlnmt83rWvH1w5PPb0tIDwT7r
sec-ch-ua-platform
"Win32"
isVest
false
currency
CNY
platformType
5
domain
evamrx.r09uwjowqgvf.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id
{"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1719856649096,"version":1719802300000}}
auth
undefined
x-custom-referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept
application/json, text/plain, */*
timestamp
1719856652
Referer
https://evamrx.r09uwjowqgvf.com/
siteCode
1000
newJwt
token
b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone
UTC+2
deviceModel
Chrome126.0.0.0

Response headers

date
Mon, 01 Jul 2024 17:57:34 GMT
content-encoding
br
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS58-P5
api-cache
false
x-env-go-biz-gateway
0
x-cache
Miss from cloudfront
x-env-go-biz-agent-server
0
alt-svc
h3=":443"; ma=86400
x-trace-id
75d4d4563007b036
server
nginx
access-control-max-age
3600
access-control-allow-methods
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=0,s-maxage=60,public
access-control-allow-credentials
true
vary
Accept-Encoding
x-server-version
4.0.0
x-amz-cf-id
l1NLTH9_NBJiCs2OTk80JBTNkzACT0pSHY5Y37WfatPITWKr3pKxNA==
btn_zc1_2.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/web/common/
318 B
840 B
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/web/common/btn_zc1_2.webp?manualVersion=1&version=1fcf5eaa54
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
1ba6cae4b80e72b57a2c6ac3624fafe7dc492a2510ae3558d6488055c044527f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:06:07 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667F94A26C78FC5FB1C9BAEF
content-md5
x2xvOexKy5lyooG2shmuvQ==
age
46287
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
318
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 04:00:10 GMT
server
AliyunOSS
etag
"C76C6F39EC4ACB9972A281B6B219AEBD"
vary
Accept-Encoding
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11544548806304956238
x-amz-cf-id
ec-c7qGXSDBoV47j5cZyS9ye1Dtq6CDNr4k7JTujwKiHafvHsaFbKQ==
x-oss-server-time
3
icon_dtfl_qp_1.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-common/common/_sprite/
3 KB
4 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-common/common/_sprite/icon_dtfl_qp_1.webp?manualVersion=1&version=394ba3cd1c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ca92dd379bbd56fa57a3201a94d22c769a4e4ca5a73941894edbfdcaf22f87fa

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:06:07 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667F94A2FC4F3FB2EDC8F82D
content-md5
oCBq3BHjEb4T3fdW8hCfNg==
age
46287
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
3106
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 04:00:10 GMT
server
AliyunOSS
etag
"A0206ADC11E311BE13DDF756F2109F36"
vary
Accept-Encoding
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
15778214265369955960
x-amz-cf-id
7WbagVOg5MZZX5AHy75DcxfCl8Db5WbqwM8e5vwMhUHichzmUS4ebg==
x-oss-server-time
14
default.png
cdntoos.bprlk.com/game_pictures/p/EA/9/1/
49 KB
50 KB
Image
General
Full URL
https://cdntoos.bprlk.com/game_pictures/p/EA/9/1/default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
54b42e65df3e1b86a3cdc241cae1a00683d77ad01c560696dfaf57355a445018

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:29:34 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667EA6FE4E63C5DCF4224932
content-md5
ROHGFayEE8Gh6Go4koIehQ==
age
19680
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
50333
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 06:51:11 GMT
server
AliyunOSS
etag
"44E1C615AC8413C1A1E86A3892821E85"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
7907950182149062677
x-amz-cf-id
rPZMrF90E0VSNKZmc0m5G7-ycgJ9VKMo4hSVy3VOQ5hOuk6VvaeXfw==
x-oss-server-time
1
default.png
cdntoos.bprlk.com/game_pictures/p/EA/13/1/
42 KB
43 KB
Image
General
Full URL
https://cdntoos.bprlk.com/game_pictures/p/EA/13/1/default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
893085ac24cf4160f244d43b7ade8b464ece3cd05e7b2423d16615eee96d750a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:31:27 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667EA6FE4E63C5DCF42248CE
content-md5
biePwRnJ2Od7Yr9q8BFQ9Q==
age
19567
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
43249
x-oss-object-type
Normal
last-modified
Mon, 24 Jun 2024 11:15:07 GMT
server
AliyunOSS
etag
"6E278FC119C9D8E77B62BF6AF01150F5"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11817096997040561423
x-amz-cf-id
LF_iaQIL-zpkv83QI33r9VI-p6oZEpMaX8USvfA4uqAawCzAfYfPrg==
x-oss-server-time
2
default.png
cdntoos.bprlk.com/game_pictures/p/EA/21/1/
49 KB
49 KB
Image
General
Full URL
https://cdntoos.bprlk.com/game_pictures/p/EA/21/1/default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
8d11c1f6a1c5e67332fb9f340a2497ed8f6a32f67bd07e0ab932ff8da64c16de

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:29:34 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667EA6FE64BB29FA562534B6
content-md5
Aacd3efnp1siE1GsEIutLA==
age
19680
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
49969
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 06:46:29 GMT
server
AliyunOSS
etag
"01A71DDDE7E7A75B221351AC108BAD2C"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12739528114136115626
x-amz-cf-id
cixJ10NOLyF82v3c7v1xX-ZfMn5FdVOFiJtEHb1GIwLxYJA8aVshfA==
x-oss-server-time
16
default.png
cdntoos.bprlk.com/game_pictures/p/EA/22/1/
49 KB
50 KB
Image
General
Full URL
https://cdntoos.bprlk.com/game_pictures/p/EA/22/1/default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
d232a42607e002ac1454c48fd2b74d670410cc2ce6d991059c89c5217d7ad863

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:53:08 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667EA706EDBE262BC7293E75
content-md5
WrFaYmuLz5Bi7ssiB0y7ug==
age
18266
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
50204
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 02:55:24 GMT
server
AliyunOSS
etag
"5AB15A626B8BCF9062EECB22074CBBBA"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
517175219048919342
x-amz-cf-id
J5Uoq4ETpe3U5QLhFmHBhl2g__gvD4xAV6yewuZ8RL7GQo81PWTdtw==
x-oss-server-time
5
default.png
cdntoos.bprlk.com/game_pictures/p/EA/52/1/
38 KB
38 KB
Image
General
Full URL
https://cdntoos.bprlk.com/game_pictures/p/EA/52/1/default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
fc11bf329875e490dd96fb52021d24de7120dfde797e928d199ce7f025fc6451

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:53:08 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667EA70668A37465D121EF2D
content-md5
ByurECv2HMhqL0rUJI9xjA==
age
18266
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
38730
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 06:46:59 GMT
server
AliyunOSS
etag
"072BAB102BF61CC86A2F4AD4248F718C"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
531693042515808040
x-amz-cf-id
gQn7do2Xfo7FGiYkfdjycUfqx3NQ0aeKS5zL7Czx2Cu4Q9Ge5pqPDw==
x-oss-server-time
4
default.png
cdntoos.bprlk.com/game_pictures/p/EA/2/1/
47 KB
47 KB
Image
General
Full URL
https://cdntoos.bprlk.com/game_pictures/p/EA/2/1/default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
b9fc322363f7d8b18e54b1068ca25c13b47f9ba367d7ee8cb94d217d32bf0942

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:53:08 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667EA706EDBE262BC7293E74
content-md5
XsbliOf3XJq4bloGCDA8DA==
age
18266
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
48090
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 06:46:28 GMT
server
AliyunOSS
etag
"5EC6E588E7F75C9AB86E5A0608303C0C"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
13282592934742255792
x-amz-cf-id
0VKuDjgfA7u9I9PxsWMtOj09iOgIqj5AruFO5ZvS6WAkx6Vcc25bDQ==
x-oss-server-time
11
icon_dt_pmd.png
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/web/home/
660 B
1 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/web/home/icon_dt_pmd.png?manualVersion=1&version=a3562768c8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
a3562768c83ee77896052249a85096b972e5fd85450099234385c94cd64f0a60

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:35:07 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667CED86EDBE262BC7C3DBC1
content-md5
kVSj4nBvFZFLUZa5OGrKrg==
age
44547
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
660
x-oss-object-type
Normal
last-modified
Thu, 27 Jun 2024 03:35:53 GMT
server
AliyunOSS
etag
"9154A3E2706F15914B5196B9386ACAAE"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
10060030303584180211
x-amz-cf-id
88e4EVin79bAD17FS3IhvmDl0zmLRk-7JvCh0SNOfn5P0AAO_NQ3yA==
x-oss-server-time
2
auth
conn.webpush.theengagelab.com/v1/
214 B
348 B
Fetch
General
Full URL
https://conn.webpush.theengagelab.com/v1/auth?user_str=undefined&appkey=245e11bc10222caf5865f6e1&is_temporary=n
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/libs/webPush@2.1.0/webPushSdk.min.2.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.189.26 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-189-26.compute.hwclouds-dns.com
Software
elb /
Resource Hash
0d1e20f888da5f1b958c77be20c262141612e2c00a8f31d4771864c1fe415388

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://evamrx.r09uwjowqgvf.com
date
Mon, 01 Jul 2024 17:57:35 GMT
server
elb
content-length
214
content-type
text/plain; charset=utf8
loader_v3.8.1.js
fpnpmcdn.net/v3/cIMrDd2qJKZFByajXD7O/
496 B
995 B
Script
General
Full URL
https://fpnpmcdn.net/v3/cIMrDd2qJKZFByajXD7O/loader_v3.8.1.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/8325.672ba7471721aec62ba0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.245.31.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-245-31-43.fra56.r.cloudfront.net
Software
CloudFront /
Resource Hash
b1920178cfb94f6181cb29440ae05e90df1789eb835a8ab3a36748620d6ee3b2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 27 Jun 2024 06:01:23 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
via
1.1 90d4d7d1a3cebe66392e229fd5792ae0.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P8
age
388571
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
496
server
CloudFront
etag
"3PKGuXPgO0ajws4U/rl5GVMWGxE"
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3484, s-maxage=577499
timing-allow-origin
*
x-amz-cf-id
kVJkDA_9fIzn8vLW3THehhMP8gVpfLwmoR_2j8EXAyNplcOVUuW7Ig==
9170.bd05c6f517a3a450fab4.css
evamrx.r09uwjowqgvf.com/assets/
9 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/9170.bd05c6f517a3a450fab4.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
ecc58b63cd26a4b5fb070dccb44700be7b6c2da95fdef35ec74622874e6f17e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:34 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0EB374843131381EA6
content-md5
WRupaVvbRnXnR6CKXkCsww==
x-cache-status
MISS
rid
850d608384f29dadbbfa4eb35326dc62
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:39 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
17378125663737743109
x-oss-server-time
5
9170.bdd9c6dc0924c8f735aa.js
evamrx.r09uwjowqgvf.com/assets/
14 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/9170.bdd9c6dc0924c8f735aa.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
d26153a6633c2a968f92355f7f81b19c419a13c61375e4010784a7121dcb6085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE0EDA8A79333125983D
content-md5
LLNsv8Y1H3ZjSaDguDDjNQ==
x-cache-status
MISS
rid
6b0f92ad43f6ffb1a1e1f888ee783b9e
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"2CB36CBFC6351F766349A0E0B830E335"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
5343946955917450313
x-oss-server-time
2
default.png
cdntoos.bprlk.com/game_pictures/p/EA/hot/127/4/
35 KB
36 KB
Image
General
Full URL
https://cdntoos.bprlk.com/game_pictures/p/EA/hot/127/4/default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ef6000d1fac86283b63b3d1d2ee605e26e541254c49ae371fe5b1685f7f5705a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:14:54 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667EA6FE4E63C5DCF4224984
content-md5
EyHdI3jNISVEUB+olgydEw==
age
20560
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
35988
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 06:40:49 GMT
server
AliyunOSS
etag
"1321DD2378CD212544501FA8960C9D13"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
6613464333381338130
x-amz-cf-id
bFN_-hgTTvq5aNSGPvAI5jQNU_8IHjqYcF4QEAbI8lmjVq3giNm4jQ==
x-oss-server-time
2
default.png
cdntoos.bprlk.com/game_pictures/p/EA/hot/200/3/
36 KB
36 KB
Image
General
Full URL
https://cdntoos.bprlk.com/game_pictures/p/EA/hot/200/3/default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
932fd3296450f6d0d676ddae569a033a9df2ba9d7719407ff2c6b6e619bd4f00

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:14:55 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667EA6FE4E63C5DCF42249C8
content-md5
DHOAZve0Sf50mRk27C2yqA==
age
20559
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
36397
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 06:40:18 GMT
server
AliyunOSS
etag
"0C738066F7B449FE74991936EC2DB2A8"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3418478184844512380
x-amz-cf-id
POsdSMQPJdmBAiMvBMIF4sH3nEWhAc6mSnybco1BFJlG05Q4_XJzMg==
x-oss-server-time
1
default.png
cdntoos.bprlk.com/game_pictures/p/EA/hot/73/7/
39 KB
39 KB
Image
General
Full URL
https://cdntoos.bprlk.com/game_pictures/p/EA/hot/73/7/default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
58a8813eb78a5c9f1d3250842a67f434a995d11761f338496079a56bbe8a0ba2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:14:55 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667EA6FE0D92D9615F25D9DB
content-md5
LzQyLjKYQC36P19+/MsrRw==
age
20559
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
39748
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 06:46:41 GMT
server
AliyunOSS
etag
"2F34322E3298402DFA3F5F7EFCCB2B47"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
9342152816021798631
x-amz-cf-id
ikjSeVb2F3hUevANUqTeh92-ZX8UO0lvdDIYN_Itn8Xd2oeZHu4zug==
x-oss-server-time
11
default.png
cdntoos.bprlk.com/game_pictures/p/EA/hot/2/1/
37 KB
37 KB
Image
General
Full URL
https://cdntoos.bprlk.com/game_pictures/p/EA/hot/2/1/default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
f7eb0bd8dcc7667697fcc815bc203e5b1379ce2b4eed0049cb5d22c7b43678f6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:14:54 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667EA6FE678B8E40C72174C9
content-md5
dCQx6yUp7D3uOcbtexBoeA==
age
20560
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
37529
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 06:46:29 GMT
server
AliyunOSS
etag
"742431EB2529EC3DEE39C6ED7B106878"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
6008451288496001378
x-amz-cf-id
uvKRelk9MCDQE3ohsTyoq478m8jgCrjFeCf1SsiGSodjnZxHEBIMnA==
x-oss-server-time
9
default.png
cdntoos.bprlk.com/game_pictures/p/EA/hot/19/5/
44 KB
44 KB
Image
General
Full URL
https://cdntoos.bprlk.com/game_pictures/p/EA/hot/19/5/default.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
77e42b7c8bf405f0e1c52323f3e1adad7966f16473c47637ccd670b2be66ed9e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:14:54 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667EA6FEFC4F3FB2ED21DE5E
content-md5
NGgisr/CZhAQVss+05deFg==
age
20560
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
44676
x-oss-object-type
Normal
last-modified
Tue, 25 Jun 2024 06:51:02 GMT
server
AliyunOSS
etag
"346822B2BFC266101056CB3ED3975E16"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12940542225833450068
x-amz-cf-id
rxsPiYlM3FGtF4kHiA15uIiaUTLYk035mv5rMVqKkfHtHx60XLjriQ==
x-oss-server-time
7
btn_sc_off_2.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/web/home/
320 B
826 B
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/web/home/btn_sc_off_2.webp?manualVersion=1&version=abfbb0d8b0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
f6b867ccd9e2f07f6b63eeebfec8dea030de76d2bfbc8df28f2ae3be87ba98a9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:18:30 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
66823C2664BB29FA56D8B59D
content-md5
nn5Le4nBIuuVAu2kDn/0Kg==
age
45544
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
320
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 04:35:01 GMT
server
AliyunOSS
etag
"9E7E4B7B89C122EB9502EDA40E7FF42A"
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
5900798616740208116
x-amz-cf-id
OtWvC4LGwqLVacn-VY0s5R3juABzdmb3M14dnJhnUi-wqQ2EqFN_Ag==
x-oss-server-time
3
maintain-time.json
tifjqr-1000-ppp.oss-accelerate.aliyuncs.com/cocos/
395 B
794 B
XHR
General
Full URL
https://tifjqr-1000-ppp.oss-accelerate.aliyuncs.com/cocos/maintain-time.json?timestamp=1719856655214
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.254.187.154 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
80b0e01e20e8f69cb7425d33a0d36a50a1eb6f6af5e3790b7abf1a2f9db1e205

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Mon, 01 Jul 2024 17:57:36 GMT
x-oss-request-id
6682EE109EB6B20B9B62190F
Server
AliyunOSS
Access-Control-Max-Age
200
Access-Control-Allow-Methods
GET, POST, HEAD, PUT
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Etag
x-oss-ec
0026-00000001
Connection
keep-alive
Content-Length
395
x-oss-server-time
1
sdk.js
connect.facebook.net/en_US/
3 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/main~9bf88260.f5778992b1cb09cf8fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
be1296f9c685754a0e5b48d8e9f702eab1e3ed75cee8fc0585bc581a684d72aa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Jul 2024 17:57:36 GMT
content-md5
x8V483FiTtAfjPOmxkd5tA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=12, mss=1297, tbw=2771, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
bQzu5q/bIEWyGvDUD6CS0WmApyDszlBTEtnHpqGGe8h6I9iEwBHobmef/BdsQQauHxI/a5jITsROXy+ID3zP0A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
8be5256acdcf4a45896613b0dfc46fff
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"377caaf3f815296f81c751c9093af63b"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 01 Jul 2024 18:09:47 GMT
1757775013019148289.png
cdntoos.bprlk.com/siteadmin/upload/img/
87 KB
88 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/upload/img/1757775013019148289.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
39712b65144552a0d2f4c407461343cbfbb4d3bf1f6b87cbc05822daf4bcdd49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:29:34 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
66814F78FC4F3FB2ED3B7A17
content-md5
E7He5rTlfgvg3kiIc7cJPg==
age
19681
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
89072
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 13:16:55 GMT
server
AliyunOSS
etag
"13B1DEE6B4E57E0BE0DE488873B7093E"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
s-maxage=86400,max-age=1800,public
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
5035773377775828854
x-amz-cf-id
zHg6LdaMSelXdYUfFz7HaIDz6M_YB7sLln42k4OHtYvXtFCm_0GfKw==
x-oss-server-time
27
1757774747075637250.png
cdntoos.bprlk.com/siteadmin/upload/img/
126 KB
127 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/upload/img/1757774747075637250.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
7d3f6deaadb33e1d41fbfafd795219bff9965ad6eaf34cf0ac5843552fee4a3f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:06:06 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
6680E4413B2202A74E48CD68
content-md5
ipeMvjLHeFZ7jAU4ZpEi6A==
age
46289
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
129413
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 13:16:55 GMT
server
AliyunOSS
etag
"8A978CBE32C778567B8C0538669122E8"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
s-maxage=86400,max-age=1800,public
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12992916391852741572
x-amz-cf-id
GD3r-mv5nnjCsBAV_bUlSz-5G2htEDDV4yYIW2JGu8cpuI00vWTY_w==
x-oss-server-time
19
1757774299002335233.png
cdntoos.bprlk.com/siteadmin/upload/img/
86 KB
87 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/upload/img/1757774299002335233.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
455674faff16f3039a1abb734f49b5104aa90ecd20f76833954cd9c671ac33e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:29:34 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
66814F7864BB29FA563D92F3
content-md5
M4q0RMgo86eD98dHdAQ43g==
age
19681
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
88339
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 13:16:55 GMT
server
AliyunOSS
etag
"338AB444C828F3A783F7C747740438DE"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
s-maxage=86400,max-age=1800,public
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
10776290596066479887
x-amz-cf-id
tYJBHyXZo7PKubgcaPzG1bTEPPRJTEgVTzND_-h2ohYwnHbXKP_ZoQ==
x-oss-server-time
21
1757773890541019138.png
cdntoos.bprlk.com/siteadmin/upload/img/
90 KB
90 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/upload/img/1757773890541019138.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
c9b2d7ec2515b4a16d4afdc9711737a6929f0042d052405d42058cd9b298f607

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:29:34 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
66814F789EB6B20B9B39CD09
content-md5
/XVnrXu6TZZcYg7CRyAdQQ==
age
19681
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
92085
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 13:16:55 GMT
server
AliyunOSS
etag
"FD7567AD7BBA4D965C620EC247201D41"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
s-maxage=86400,max-age=1800,public
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12471654378870647483
x-amz-cf-id
fEVChggfFyBNmPxMAa7Zp2-nX0AI1PvkK3RRuW06PrSJsqXUrdFfEw==
x-oss-server-time
40
sdk.js
connect.facebook.net/en_US/
305 KB
87 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=32e5150afd22e533fb4e7847df7d7851
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
c349490ae1b105517f3322b84fdeb554d72d5fec4782f738c955b1e3e2997140
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Origin
https://evamrx.r09uwjowqgvf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 01 Jul 2024 17:57:36 GMT
content-md5
FNYa/0vQpab3RGuTp9Ydeg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
89057
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=22, rtx=0, c=23, mss=1232, tbw=4286, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug
GLpIz3DE5FdMzQkLCDYFRMPoA2vAYbayCSp+GSKNREYF27+MMDE8yrbNmRYHoKiB8YDLa2rM6xewn1j1KfZl2Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
7c37c4b4feed6a34258b29da44555f8d
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"d34851e9f8e6760c9f6bbcf54c28d27a"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Tue, 01 Jul 2025 17:25:23 GMT
ipCheck
evamrx.cbtwen.com/hall/
238 B
571 B
XHR
General
Full URL
https://evamrx.cbtwen.com/hall/ipCheck?siteCode=1000&currency=CNY&language=zh&platformType=5
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
6455f63d4ec074dfb573d941786698c7fb314dafb1b82f78c67f117328750a24

Request headers

devicetype
3
x-version
4.0.419
appVersion
v4.0.419
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
nonce
93796d56-8c37-4cec-ae5d-b01bf9fc8b5a
isWgPackage
false
language
zh
accept-language
zh
browserfingerid
isSpeedPackae
false
device
8f6afd4d-dd54-4199-8b60-b20c2cc8f541
x-request-id
93796d56-8c37-4cec-ae5d-b01bf9fc8b5a
sign
sdsRHLNL05I2KdrbKXw945GMtjwYDkRrotj2jTwi2EpEGH8ztwNiMmzZiAayAOyv
sec-ch-ua-platform
"Win32"
isVest
false
currency
CNY
platformType
5
domain
evamrx.r09uwjowqgvf.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id
{"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1719856649096,"version":1719802300000}}
auth
undefined
x-custom-referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept
application/json, text/plain, */*
timestamp
1719856655
Referer
https://evamrx.r09uwjowqgvf.com/
siteCode
1000
newJwt
token
clienttimezone
UTC+2
deviceModel
Chrome126.0.0.0

Response headers

date
Mon, 01 Jul 2024 17:57:40 GMT
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-env-go-biz-gateway
0
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
238
x-trace-id
4501ac59a64ea40a
server
nginx
access-control-max-age
3600
access-control-allow-methods
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-server-version
4.0.0
x-amz-cf-id
dyC6_Y9QHPTRHliPPH1kTi-FdU7kO65MBrgPzA_yjr8I31zVoEV-6w==
ipCheck
evamrx.cbtwen.com/hall/
0
0
Preflight
General
Full URL
https://evamrx.cbtwen.com/hall/ipCheck?siteCode=1000&currency=CNY&language=zh&platformType=5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
appversion,auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method
GET
Origin
https://evamrx.r09uwjowqgvf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
appversion,auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
application/octet-stream
date
Mon, 01 Jul 2024 17:57:36 GMT
server
nginx
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-amz-cf-id
yB0lCJtQaPuOp4sAyJ9gE8_Q5Hhd9ODN2JH-IOMLUDOr2YE688vPIQ==
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
img_sjb_bg.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/common/selfoperated-games/
116 KB
117 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/common/selfoperated-games/img_sjb_bg.webp?manualVersion=1&version=c383e450a7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
f0f195d81bd7f80d48f9ba11d6cfc27fc60b32a7c306af2ebd3e810b08cfb819

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:06:11 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
66823942678B8E40C7CFD67F
content-md5
vZ4bCK9CKnc8LIVTkxLEWA==
age
46289
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
118826
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 04:34:21 GMT
server
AliyunOSS
etag
"BD9E1B08AF422A773C2C85539312C458"
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
18081051745875550605
x-amz-cf-id
7oD9UnezK6kORyof05hmiaVoLE28F2nYbiBR_t8yw1qbf5DvwsBwEg==
x-oss-server-time
35
domain
evamrx.cbtwen.com/hall/promote/pointer/
0
0
Preflight
General
Full URL
https://evamrx.cbtwen.com/hall/promote/pointer/domain
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
appversion,auth,browserfingerid,clienttimezone,content-type,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method
POST
Origin
https://evamrx.r09uwjowqgvf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
appversion,auth,browserfingerid,clienttimezone,content-type,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
application/octet-stream
date
Mon, 01 Jul 2024 17:57:40 GMT
server
nginx
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-amz-cf-id
5jPxNPvQumC3Ft-2wBzW4pgb4ltmweU3D8kRA0PucJ6u4R4mbLJg4g==
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
get
evamrx.cbtwen.com/hall/promote/point/
0
0
Preflight
General
Full URL
https://evamrx.cbtwen.com/hall/promote/point/get
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
appversion,auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method
POST
Origin
https://evamrx.r09uwjowqgvf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
appversion,auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
application/octet-stream
date
Mon, 01 Jul 2024 17:57:40 GMT
server
nginx
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-amz-cf-id
ABomm63zKNSCHgt9sJk8HrQM8DBmIh8sGP3IptLsCSh3eTIjTjQ88g==
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
gt.js
evamrx.r09uwjowqgvf.com/libs/gt@5/
5 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/libs/gt@5/gt.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/main~9bf88260.f5778992b1cb09cf8fa3.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
c54e8eef343ddf228ab711c9f924df5197906aa4c3a7a856cf59017da10d2472
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE14B3748431310A42A6
content-md5
seGtbRmWkcsA5RP74x0t+Q==
x-cache-status
MISS
rid
2006e5346821a2e00b9cf83ab1a65c10
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:09 GMT
server
gocache
etag
W/"B1E1AD6D199691CB00E513FBE31D2DF9"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2145963118752755642
x-oss-server-time
4
zh.json
cdntoos.bprlk.com/hall/activetask/pop_newcomerBenefit/currency/CNY/language/
192 B
754 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/activetask/pop_newcomerBenefit/currency/CNY/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
82f5efe5c798085da6084fc5d70d8418095a1889ecfa500d785ee465428b956f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:55:28 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
666FAC9F4E63C560007D25B7
content-md5
S72OAQQpK98Ao+K9JTCb8g==
age
132
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
192
x-oss-object-type
Normal
last-modified
Mon, 10 Jun 2024 08:26:30 GMT
server
AliyunOSS
etag
"4BBD8E0104292BDF00A3E2BD25309BF2"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
16508078100326785094
vary
Accept-Encoding
x-amz-cf-id
P9d1GNizLTyl4SnwWd3OZKupsrRJV2oHsmd7YTGcZn1QMu22OVfD-w==
x-oss-server-time
2
zh.json
cdntoos.bprlk.com/hall/activetask/pop_taskDay/currency/CNY/language/
300 B
862 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/activetask/pop_taskDay/currency/CNY/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
58e1962e32b67cc0703c7c1a2d1c7d6039b3f39a2884ad6fa813bae988a6c8e1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:55:28 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
666FAC9F678B8EB2BB834760
content-md5
MaBFNAlVm47N/R//Tr7SmQ==
age
132
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
300
x-oss-object-type
Normal
last-modified
Mon, 10 Jun 2024 08:26:30 GMT
server
AliyunOSS
etag
"31A0453409559B8ECDFD1FFF4EBED299"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
1580482804764144045
vary
Accept-Encoding
x-amz-cf-id
jqcejnTi1SBKr_ushmCIoGT1Dgy2lrz--QwG_aMfdikBeuNqgx-5Tw==
x-oss-server-time
2
zh.json
cdntoos.bprlk.com/hall/activetask/pop_taskWeek/currency/CNY/language/
172 B
735 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/activetask/pop_taskWeek/currency/CNY/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
44d05e707645a91d1f5c52647f7862ff5352c562e2bbb1b206480620c48e8e04

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:55:28 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
666FAC9F4E63C560007D25BD
content-md5
L5753E1Sncel6NIA2KjHjw==
age
132
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
172
x-oss-object-type
Normal
last-modified
Mon, 10 Jun 2024 08:29:00 GMT
server
AliyunOSS
etag
"2F9EF9DC4D529DC7A5E8D200D8A8C78F"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12659523618867971520
vary
Accept-Encoding
x-amz-cf-id
t9V3i-RdG2_hV68hPhsVbNDfy-xLg2ny1Hrz7ck_laT7Sw9QCXxQLg==
x-oss-server-time
1
zh.json
cdntoos.bprlk.com/hall/activetask/pop_taskThreeDay/currency/CNY/language/
172 B
736 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/activetask/pop_taskThreeDay/currency/CNY/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
23037baf3b75484672d1d2b3cbe3e75371c5c3d7964b29b9369584597d34ef1b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:55:28 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6682E89C34FAB65858828497
content-md5
MZOx0W932D6dOfcwPJn5uA==
age
132
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
172
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 16:22:00 GMT
server
AliyunOSS
etag
"3193B1D16F77D83E9D39F7303C99F9B8"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
16821978579181935830
vary
Accept-Encoding
x-amz-cf-id
q2puKpDZRGRmQ0T9FzIvotJIEYhqmM6EEG7e0C9u-xAPRdlqeRNqFg==
x-oss-server-time
1
zh.json
cdntoos.bprlk.com/hall/customer/staffallv3/currency/CNY/language/
6 KB
5 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/customer/staffallv3/currency/CNY/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
9b1b313116c2a045cbe88db38bc303b148a766d65fa1877794790165c4d74f16

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:40 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6682E89C678B8E40C75C3788
content-md5
ZynszjW95fy4OXZHz36CWA==
x-amz-cf-pop
FRA60-P7
x-cache
RefreshHit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 03:52:00 GMT
server
AliyunOSS
etag
"6729ECCE35BDE5FCB8397647CF7E8258"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=60,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
14462020962948370206
vary
Accept-Encoding
x-amz-cf-id
6cz618to1E0mwxIvONnOHiATHldgU5jNTZJaS1ILpRhqPqh-hQXCdQ==
x-oss-server-time
2
CNY.json
cdntoos.bprlk.com/hall/message/popupcfg/currency/
64 B
628 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/message/popupcfg/currency/CNY.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
6d31305964acb7496ca50d41839f94e4c432cfdd47146df1a3a58362c0a1391b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:39 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
666D7ED33B220273BF572896
content-md5
RFWS2a35XntNOHwD9zYEqA==
age
241
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
64
x-oss-object-type
Normal
last-modified
Mon, 10 Jun 2024 08:27:00 GMT
server
AliyunOSS
etag
"445592D9ADF95E7B4D387C03F73604A8"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
18098677612454538021
vary
Accept-Encoding
x-amz-cf-id
DE476tdQNr_LaKCLnhJi6AzDX8PYMcNq0rKX7AqfsSTBU9OddObmvQ==
x-oss-server-time
2
domain
evamrx.cbtwen.com/hall/promote/pointer/
49 B
416 B
XHR
General
Full URL
https://evamrx.cbtwen.com/hall/promote/pointer/domain
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
9fbfb41c691e86457e704d8ec89ce1a55d90c2f67def3002314a77672a75027a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-version
4.0.419
nonce
aa26dcc9-fac7-41bf-905e-af27d10e3a1a
isWgPackage
false
language
zh
accept-language
zh
isSpeedPackae
false
sec-ch-ua-platform
"Win32"
isVest
false
currency
CNY
platformType
5
Content-Type
application/json
x-custom-referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept
application/json, text/plain, */*
Referer
https://evamrx.r09uwjowqgvf.com/
siteCode
1000
newJwt
token
b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone
UTC+2
devicetype
3
appVersion
v4.0.419
browserfingerid
device
8f6afd4d-dd54-4199-8b60-b20c2cc8f541
x-request-id
aa26dcc9-fac7-41bf-905e-af27d10e3a1a
sign
llQlDGHEDgR+UAPo7zwLGV1fEogMvq1B582p2NE3prQvCgNd2dqXOSHjA0TY7WQY
domain
evamrx.r09uwjowqgvf.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id
{"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1719856649096,"version":1719802300000}}
auth
undefined
timestamp
1719856655
deviceModel
Chrome126.0.0.0

Response headers

date
Mon, 01 Jul 2024 17:57:40 GMT
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-env-go-biz-gateway
0
api-cache
false
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
x-env-go-biz-agent-server
0
alt-svc
h3=":443"; ma=86400
content-length
49
x-trace-id
20a54aba93855996
server
nginx
access-control-max-age
3600
access-control-allow-methods
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-server-version
4.0.0
x-amz-cf-id
SkFHOJVw6xcpzh_W5D2UAcp_WSZufBX6hrEzyyOf4Jm3yMOii5XYRw==
get
evamrx.cbtwen.com/hall/promote/point/
88 B
451 B
XHR
General
Full URL
https://evamrx.cbtwen.com/hall/promote/point/get
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
abac040e4022834fd027b0e297eed9cbb79ae6ebf7f08b51d79df4d2b44968f6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-version
4.0.419
nonce
fa6251f0-ec5f-4a2f-8cf2-3a6d77ef08e9
isWgPackage
false
language
zh
accept-language
zh
isSpeedPackae
false
sec-ch-ua-platform
"Win32"
isVest
false
currency
CNY
platformType
5
Content-Type
text/plain
x-custom-referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept
application/json, text/plain, */*
Referer
https://evamrx.r09uwjowqgvf.com/
siteCode
1000
newJwt
token
b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone
UTC+2
devicetype
3
appVersion
v4.0.419
browserfingerid
device
8f6afd4d-dd54-4199-8b60-b20c2cc8f541
x-request-id
fa6251f0-ec5f-4a2f-8cf2-3a6d77ef08e9
sign
4JAe/rMhjt6j6/dlF5p3Z/QJP1Xu0F5zyD8gbZagJq821scYtaYXqmIr6mllk0rL
domain
evamrx.r09uwjowqgvf.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id
{"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1719856649096,"version":1719802300000}}
auth
undefined
timestamp
1719856655
deviceModel
Chrome126.0.0.0

Response headers

date
Mon, 01 Jul 2024 17:57:40 GMT
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-env-go-biz-gateway
0
api-cache
false
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
x-env-go-biz-agent-server
0
alt-svc
h3=":443"; ma=86400
content-length
88
x-trace-id
1751ce9c84d21553
server
nginx
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-server-version
4.0.0
x-amz-cf-id
XY044fL_fxHuRP1KVCp9YiKemlgn_VttqoUNsbBDJQdMsyMIj1GQxA==
true.json
cdntoos.bprlk.com/hall/message/all/index/currency/CNY/frame/true/language/zh/list/0/marqueePage/1/marqueeSize/10/unReadListCount/
4 KB
4 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/message/all/index/currency/CNY/frame/true/language/zh/list/0/marqueePage/1/marqueeSize/10/unReadListCount/true.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
191c541bbfb038a1dfbf78dfe68e49ed4497bfeae2911426f49eb329701cd8d5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:40 GMT
content-encoding
gzip
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
6682DCC3FC4F3FB2ED4BC181
content-md5
1JxAcVPcAOj7DwVitRyVrg==
age
240
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 04:13:30 GMT
server
AliyunOSS
etag
"D49C407153DC00E8FB0F0562B51C95AE"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
5199718843978739702
vary
Accept-Encoding
x-amz-cf-id
ECMUfvvskl1jbqvYfTEibhOkuZUJNX8QSzycAU0chfmAHEeYLdUkzw==
x-oss-server-time
1
btn_sjb_sx.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-common/common/selfoperated-games/
4 KB
4 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-common/common/selfoperated-games/btn_sjb_sx.webp?manualVersion=1&version=389c4fee97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ac3682815bc0d7e758cb97d4d4e4d2544c4f2736d771b42eb5b1ee9909eb7a7c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 10:23:25 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667FDEACFC4F3FB2ED6FFB3A
content-md5
xemPoV/AlzHSnbwCwli2Mg==
age
27255
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
3900
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 04:00:10 GMT
server
AliyunOSS
etag
"C5E98FA15FC09731D29DBC02C258B632"
vary
Accept-Encoding
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
2780302026695625552
x-amz-cf-id
Jri4htkO3r1VRyeUcCYnwCt7upN5JVCrEOWaMCoaikFspPaAtZx8zw==
x-oss-server-time
20
img_sjb_arrow.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/app/selfoperated-games/
110 B
615 B
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/app/selfoperated-games/img_sjb_arrow.webp?manualVersion=1&version=v4.0.419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ca0b2353caf62bd8ac8d25e7e35be77f7d679bc05897c4ea81b3041e34c85bd5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:20:57 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
668266E96C78FC5FB135FD20
content-md5
kGbNKpO8brtOgllWGSgldg==
age
34603
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
110
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 07:00:07 GMT
server
AliyunOSS
etag
"9066CD2A93BC6EBB4E82595619282576"
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
2221062954408747019
x-amz-cf-id
aTvYW7rWIoRUyKg4bCfRNzy8daz55Y9TBS0iJIl9W8vO0VOToD8c5Q==
x-oss-server-time
3
1757369158952579073.png
cdntoos.bprlk.com/siteadmin/upload/img/
18 KB
18 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/upload/img/1757369158952579073.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
0347e3ae6c2a3f7bcbc6b36460994edb4c378ed8f7d507671f575ef35f4d9f2c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:33:30 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
6681504643CB4DDD803C1B7D
content-md5
xoWnr/qBCeD5hfi2fSHmDg==
age
19450
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
18411
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 13:16:55 GMT
server
AliyunOSS
etag
"C685A7AFFA8109E0F985F8B67D21E60E"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
s-maxage=86400,max-age=1800,public
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12279585779924898714
x-amz-cf-id
NdsHnSGZfCKc9rBTRBUvR4bbH0cVpOAG5ZWefEjmszuFXZI08fYJlg==
x-oss-server-time
24
heartbeat
evamrx.cbtwen.com/hall/home/
88 B
567 B
XHR
General
Full URL
https://evamrx.cbtwen.com/hall/home/heartbeat
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
ae38d7de484cbf1787a15d6fac05b37958e3e3c92e90a1601e51a3df6952e7e6

Request headers

devicetype
3
x-version
4.0.419
appVersion
v4.0.419
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
nonce
2718d7dc-739b-4f79-940b-3f0243a0e784
isWgPackage
false
language
zh
accept-language
zh
browserfingerid
isSpeedPackae
false
device
8f6afd4d-dd54-4199-8b60-b20c2cc8f541
x-request-id
2718d7dc-739b-4f79-940b-3f0243a0e784
sign
5jhSdyN9+d1wbcKrUoKc12Ru6ZJQ+xwhXvi3NthM2ng8Rabi9MLWQvXeT1NjlbWR
sec-ch-ua-platform
"Win32"
isVest
false
currency
CNY
platformType
5
domain
evamrx.r09uwjowqgvf.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id
{"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1719856649096,"version":1719802300000}}
auth
undefined
x-custom-referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept
application/json, text/plain, */*
timestamp
1719856659
Referer
https://evamrx.r09uwjowqgvf.com/
siteCode
1000
newJwt
token
b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone
UTC+2
deviceModel
Chrome126.0.0.0

Response headers

date
Mon, 01 Jul 2024 17:57:40 GMT
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-env-go-biz-gohal-server
0
x-env-go-biz-gateway
0
api-cache
false
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
88
x-trace-id
6f855509658f561d
server
nginx
access-control-max-age
3600
access-control-allow-methods
*
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-server-version
4.0.0
x-amz-cf-id
MywlZMbob1QjKbNoAbwfR2HaYrLjU6Kpp9b4tj1IHfrXuKOkbkokYQ==
heartbeat
evamrx.cbtwen.com/hall/home/
0
0
Preflight
General
Full URL
https://evamrx.cbtwen.com/hall/home/heartbeat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
appversion,auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method
POST
Origin
https://evamrx.r09uwjowqgvf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
appversion,auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
application/octet-stream
date
Mon, 01 Jul 2024 17:57:40 GMT
server
nginx
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-amz-cf-id
TBJaHrL0RRSExDKx7vdtqsByWCWxDS8bHSl0Ong0cbBg6fag8tTAUQ==
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
5397.f33ef10d17ad2771b5d8.css
evamrx.r09uwjowqgvf.com/assets/
26 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/5397.f33ef10d17ad2771b5d8.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
5c183acdaa09073a1c465fb31a3d2f5a3da99aee8354d59a6e53026a1afbcca1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:40 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE14B374843131EE42A6
content-md5
mSkgsfBhmpkLEqH0e/icBQ==
x-cache-status
MISS
rid
f0e3378e0f8a42474a9ecfe175b30a9c
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:41 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
17804773281902284694
x-oss-server-time
14
5397.9548ddbfa07df8f4d7c5.js
evamrx.r09uwjowqgvf.com/assets/
12 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/5397.9548ddbfa07df8f4d7c5.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
63d1d4118ed1bdd45b10f0d37b83ad090e7ec4b141a6e512b4d8df57ff00c82d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682ECEDFC567C363795D61D
content-md5
8Y9adI3AdN0ZMG4JPOpskg==
x-cache-status
HIT
rid
489f481f8b4b0140c893237a733c23c5
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"F18F5A748DC074DD19306E093CEA6C92"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
5972839967959726673
x-oss-server-time
5
btn_sjb_sx.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-common/common/selfoperated-games/
4 KB
0
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-common/common/selfoperated-games/btn_sjb_sx.webp?manualVersion=1&version=389c4fee97
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ac3682815bc0d7e758cb97d4d4e4d2544c4f2736d771b42eb5b1ee9909eb7a7c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 10:23:25 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
667FDEACFC4F3FB2ED6FFB3A
content-md5
xemPoV/AlzHSnbwCwli2Mg==
age
27255
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
3900
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 04:00:10 GMT
server
AliyunOSS
etag
"C5E98FA15FC09731D29DBC02C258B632"
vary
Accept-Encoding
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
2780302026695625552
x-amz-cf-id
Jri4htkO3r1VRyeUcCYnwCt7upN5JVCrEOWaMCoaikFspPaAtZx8zw==
x-oss-server-time
20
img_sjb_arrow.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/app/selfoperated-games/
110 B
0
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/app/selfoperated-games/img_sjb_arrow.webp?manualVersion=1&version=v4.0.419
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ca0b2353caf62bd8ac8d25e7e35be77f7d679bc05897c4ea81b3041e34c85bd5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 08:20:57 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
668266E96C78FC5FB135FD20
content-md5
kGbNKpO8brtOgllWGSgldg==
age
34603
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
110
x-oss-object-type
Normal
last-modified
Mon, 01 Jul 2024 07:00:07 GMT
server
AliyunOSS
etag
"9066CD2A93BC6EBB4E82595619282576"
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
2221062954408747019
x-amz-cf-id
aTvYW7rWIoRUyKg4bCfRNzy8daz55Y9TBS0iJIl9W8vO0VOToD8c5Q==
x-oss-server-time
3
1757369158952579073.png
cdntoos.bprlk.com/siteadmin/upload/img/
18 KB
513 B
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/upload/img/1757369158952579073.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
0347e3ae6c2a3f7bcbc6b36460994edb4c378ed8f7d507671f575ef35f4d9f2c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 12:33:30 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
6681504643CB4DDD803C1B7D
content-md5
xoWnr/qBCeD5hfi2fSHmDg==
age
19450
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
18411
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 13:16:55 GMT
server
AliyunOSS
etag
"C685A7AFFA8109E0F985F8B67D21E60E"
vary
Accept-Encoding
x-oss-ec
0048-00000111
content-type
image/png
cache-control
s-maxage=86400,max-age=1800,public
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12279585779924898714
x-amz-cf-id
hvEL-7RjtddQT8X1WgWTUQAQNL3GpzxGpKvL-qt_M1rkEQq_fLRcKQ==
x-oss-server-time
24
truncated
/
1 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1a4a47a0e91f2d63ec27cce3de73f7a28f0b65b862416a9c2b6a63639dc0a1c8

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
1757820435744911362.png
cdntoos.bprlk.com/siteadmin/upload/img/
171 KB
172 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/upload/img/1757820435744911362.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
271836755be03dfb9ef5e96c27a39a654c0e9ce5b9a2170727983d2439277922

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 10:05:10 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
66812D83FC4F3FB2EDEEF958
content-md5
NNa2dlVngpQ26ih9lSEcmQ==
age
28350
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
175076
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 13:16:55 GMT
server
AliyunOSS
etag
"34D6B6765567829436EA287D95211C99"
vary
Accept-Encoding
content-type
image/png
x-oss-ec
0048-00000111
cache-control
s-maxage=86400,max-age=1800,public
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
13523427796368005212
x-amz-cf-id
C15dm6G-nckN-pxEVhvuSriMbpTGuBoyuyU_1xbmIuVGAxoVTKQRSw==
x-oss-server-time
2
6983.3ef83197bd60ac5c5e5a.css
evamrx.r09uwjowqgvf.com/assets/
73 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/6983.3ef83197bd60ac5c5e5a.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
fede09d9c770615298225beac6d2ba9d42dbd4f2288c72165ffcf38d65184039
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE15B3748431313546A6
content-md5
6blJ1eQLriTM1tYTitksTQ==
x-cache-status
MISS
rid
6ff761c0b5de4c99aa46a0d1ad98bafa
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:15:59 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2888690346391045478
x-oss-server-time
6
6983.887d39a7de982024bf0a.js
evamrx.r09uwjowqgvf.com/assets/
106 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/6983.887d39a7de982024bf0a.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
affa58f8ffcee019553642b7f2208ddab189d9d2bc2910eeea98629b279d9af2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE15DA8A79333151C03D
content-md5
ujoy4jCQ5iRyu5t/beUTHQ==
x-cache-status
MISS
rid
3cf4dfa593ce1e998a2889087ffbda22
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:43 GMT
server
gocache
etag
W/"BA3A32E23090E62472BB9B7F6DE5131D"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
14185925367545973325
x-oss-server-time
10
pre_load
riskct.geetest.com/g2/api/v1/
292 B
662 B
Script
General
Full URL
https://riskct.geetest.com/g2/api/v1/pre_load?client_type=web&callback=geetest_1719856666064
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/libs/gt@5/gt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.44.80 -, , ASN (),
Reverse DNS
Software
TornadoServer/6.1 /
Resource Hash
2f804ed0724f8136e1ddefa2e77df1574d9fd170f1434fb41959569164c72455

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 17:57:41 GMT
server
TornadoServer/6.1
eo-cache-status
MISS
etag
"9fb58a177f5cd039139b3e047456c68e7c8a4317"
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
cache-control
must-revalidate, no-cache, no-store
eo-log-uuid
2175282330684191564
access-control-allow-headers
Appid, Client-Type, Api-Version, GeeID, Content-Type
content-length
292
expires
0
zh.json
cdntoos.bprlk.com/hall/home/smsCountry/currency/CNY/language/
856 B
1 KB
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/home/smsCountry/currency/CNY/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
ff49a390557a5c980be91a0731f9c981c3b5b0d3abae8768b5d7e6d1c0859601

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:53:51 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
667950CC3B220273BFC230D5
content-md5
X7yrLkAdNqgHBhZOe/Q8LQ==
age
230
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
856
x-oss-object-type
Normal
last-modified
Fri, 21 Jun 2024 16:11:30 GMT
server
AliyunOSS
etag
"5FBCAB2E401D36A80706164E7BF43C2D"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
16745870045997617821
vary
Accept-Encoding
x-amz-cf-id
WYtgXHrTworG7Bord_U37US_6A5FXsywS0_sqlonplP6t7DXzn9mXg==
x-oss-server-time
2
getIpBindInfo
evamrx.cbtwen.com/hall/promote/
0
0
Preflight
General
Full URL
https://evamrx.cbtwen.com/hall/promote/getIpBindInfo
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
appversion,auth,browserfingerid,clienttimezone,content-type,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method
POST
Origin
https://evamrx.r09uwjowqgvf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
appversion,auth,browserfingerid,clienttimezone,content-type,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
application/octet-stream
date
Mon, 01 Jul 2024 17:57:41 GMT
server
nginx
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-amz-cf-id
S2kloe2IMLyVWSuRU0sDw5C_pR6RJup3K-Vsi9tsM_IiQCCsDQF8Xw==
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
truncated
/
413 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b4877375a7af765e2fa097e240b7051b28ca8133929ee7d44c49fedb8231591

Request headers

Referer
Origin
https://evamrx.r09uwjowqgvf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
1757368421239349250.png
cdntoos.bprlk.com/siteadmin/upload/img/
9 KB
512 B
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/upload/img/1757368421239349250.png
Protocol
H2
Security
QUIC, , AES_128_GCM
Server
2600:9000:275b:3a00:c:5d83:e700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AliyunOSS /
Resource Hash
46b344b5b2f31242243c1c6b9d67e7f800c4888d0d4bf7f396ae01e76a690706

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 05:34:51 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
6680EE64678B8E40C75F4F4D
content-md5
OKBQ2cO+iHs4wVTSS4HDQQ==
age
44570
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
9588
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 13:16:55 GMT
server
AliyunOSS
etag
"38A050D9C3BE887B38C154D24B81C341"
vary
Accept-Encoding
x-oss-ec
0048-00000111
content-type
image/png
cache-control
s-maxage=86400,max-age=1800,public
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12541293456544544259
x-amz-cf-id
5WFPKF-U91Sw91Fqu_36FCecficdA641QU30kbZFT11G93qKjGoJLg==
x-oss-server-time
18
getIpBindInfo
evamrx.cbtwen.com/hall/promote/
120 B
487 B
XHR
General
Full URL
https://evamrx.cbtwen.com/hall/promote/getIpBindInfo
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
5546047f6d83a79db4111830009b3edbf5202f5c1098ca6abe6660566a27e795

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
x-version
4.0.419
nonce
ed51657e-979e-4495-b07d-9beda4006134
isWgPackage
false
language
zh
accept-language
zh
isSpeedPackae
false
sec-ch-ua-platform
"Win32"
isVest
false
currency
CNY
platformType
5
Content-Type
application/json
x-custom-referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept
application/json, text/plain, */*
Referer
https://evamrx.r09uwjowqgvf.com/
siteCode
1000
newJwt
token
b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone
UTC+2
devicetype
3
appVersion
v4.0.419
browserfingerid
device
8f6afd4d-dd54-4199-8b60-b20c2cc8f541
x-request-id
ed51657e-979e-4495-b07d-9beda4006134
sign
0KBqK1cISdVroJV28EnZmRSLEohFIWkB5A08sk79CtvxnGAlcihFrS066hs8BTfg
domain
evamrx.r09uwjowqgvf.com
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id
{"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1719856649096,"version":1719802300000}}
auth
undefined
timestamp
1719856660
deviceModel
Chrome126.0.0.0

Response headers

date
Mon, 01 Jul 2024 17:57:42 GMT
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
x-env-go-biz-gateway
0
api-cache
false
x-amz-cf-pop
AMS58-P5
x-cache
Miss from cloudfront
x-env-go-biz-agent-server
0
alt-svc
h3=":443"; ma=86400
content-length
120
x-trace-id
14152b09309f7b52
server
nginx
access-control-max-age
3600
access-control-allow-methods
*
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-server-version
4.0.0
x-amz-cf-id
_xGrrBNSIhc0CDp2qmVLRktXItmzPkhSFhdkcd8yYOucmmjQuqrFeQ==
geeGuard.96d80ef3c3d3dfd5cacec51e0882199c.js
static.geetest.com/g5/v1/static/v1.2.1/js/
181 KB
50 KB
Script
General
Full URL
https://static.geetest.com/g5/v1/static/v1.2.1/js/geeGuard.96d80ef3c3d3dfd5cacec51e0882199c.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/libs/gt@5/gt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6c1 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
cd7aebcfbcbdfc4ab2dad0943ef287e6bdb66eed36ce189b19307c00f9341351

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Origin
https://evamrx.r09uwjowqgvf.com
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:42 GMT
content-encoding
gzip
cf-cache-status
MISS
x-goog-meta-goog-reserved-file-mtime
1719453264
x-guploader-uploadid
ACJd0Np2I9ahstg4NUEKetLObjZmRi897I8BwSEF00uFjFgZeuPsnVMzGlLe7mDbOf0Q77OwYhTyEiHL0A
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 27 Jun 2024 02:00:38 GMT
server
cloudflare
etag
W/"d2d714ade9d07ae1ee40c1cc663e1dfd"
vary
Accept-Encoding
x-goog-generation
1719453638929892
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=bKjg5Q==, md5=0tcUrenQeuHuQMHMZj4d/Q==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-meta-mtime
2024-06-27T01:54:24Z
x-goog-stored-content-length
185728
cf-ray
89c847a85ed21c32-FRA
expires
Tue, 02 Jul 2024 17:57:41 GMT
8971.e902fa0f6a8b8ce3918d.css
evamrx.r09uwjowqgvf.com/assets/
4 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/8971.e902fa0f6a8b8ce3918d.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
ce4c2e46731271241e77db9ee903d6d928f624e6f670554d7c743ff12f10abc0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE15DA8A7933312FC53D
content-md5
lgCgfel5KV7z+PJV1NzidQ==
x-cache-status
MISS
rid
22fa4583485a2efd4cdb166e60a9dcb7
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2874159491540625418
x-oss-server-time
15
8971.6768564fc47d50ca695c.js
evamrx.r09uwjowqgvf.com/assets/
9 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/8971.6768564fc47d50ca695c.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
e7f5c3176818e414720fe53b9431afff5253c9b468be858454c84d4ece7bff98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE15B374843131E84AA6
content-md5
ueRoW7FpGTu6Zu+fF1dhbw==
x-cache-status
MISS
rid
0cf2659de3c3ba7113e4339b7cad63b5
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"B9E4685BB169193BBA66EF9F1757616F"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
6610856736314164691
x-oss-server-time
5
floatBar@theme=1.11854f633953e2594b57.css
evamrx.r09uwjowqgvf.com/assets/
2 KB
0
Stylesheet
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/floatBar@theme=1.11854f633953e2594b57.css
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
bbb48c1b3ae91f10b7b25833477f62f1e50a4dd75adec00624364f2b3b5587ab
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:41 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE15B374843836EB4AA6
content-md5
PoPy0jW5KDh7JF+uYAEwhg==
x-cache-status
MISS
rid
3d84b21670126200e942720d87de784e
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
16534585770964139077
x-oss-server-time
5
floatBar@theme=1.1203babeab8c93e100b1.js
evamrx.r09uwjowqgvf.com/assets/
3 KB
0
Script
General
Full URL
https://evamrx.r09uwjowqgvf.com/assets/floatBar@theme=1.1203babeab8c93e100b1.js
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/runtime.b34cca315b755b50d3db.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
gocache /
Resource Hash
4a8268eb404c5826a6e63f642e33a0fad04de0b1acbd2cda7a8911164f7c5031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:41 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
6682EE151F8563333015507B
content-md5
eS9H0Yfy2ivTX6nM71vy8A==
x-cache-status
MISS
rid
6273d677579cd20c790e1a681bcb37d8
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 01 Jul 2024 08:14:40 GMT
server
gocache
etag
W/"792F47D187F2DA2BD35FA9CCEF5BF2F0"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10175411723416311227
x-oss-server-time
33
icon_cz_no.webp
cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/common/deposit/
948 B
1 KB
Image
General
Full URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/common/common/deposit/icon_cz_no.webp?manualVersion=1&version=3e1cc85094
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
fd334ae03988145358e60da04d72b329bf858b6c0b0ed37450bd35e79865349f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 30 Jun 2024 19:21:46 GMT
via
1.1 134eef7df83fe066fda8a86e722c33dc.cloudfront.net (CloudFront)
x-oss-request-id
66805E07EDBE262BC799F8C5
content-md5
2YTFxEBtRCdj2KipWW7d0w==
age
81355
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
948
x-oss-object-type
Normal
last-modified
Sat, 29 Jun 2024 03:46:45 GMT
server
AliyunOSS
etag
"D984C5C4406D442763D8A8A9596EDDD3"
vary
Accept-Encoding
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
16223172675378377282
x-amz-cf-id
YH9urz4i9OrAISzswxx44JPIJ8neTz-YQ2rb3e2iAry_2MKcFYTmnw==
x-oss-server-time
36
zh.json
cdntoos.bprlk.com/hall/active/quickList/currency/CNY/language/
64 B
626 B
XHR
General
Full URL
https://cdntoos.bprlk.com/hall/active/quickList/currency/CNY/language/zh.json
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
3.160.150.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-150-113.fra60.r.cloudfront.net
Software
AliyunOSS /
Resource Hash
08fb529093b4737246974990a361383364774be696451fa149b7a1debf0d7b6b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:56:24 GMT
via
1.1 d0a36dbd6f5cc87855296f2852cab3ec.cloudfront.net (CloudFront)
x-oss-request-id
666FACA2678B8EB2BB834F3D
content-md5
4evMeMHDUyipKxuQPRVg3w==
age
78
x-amz-cf-pop
FRA60-P7
x-cache
Hit from cloudfront
content-disposition
attachment
alt-svc
h3=":443"; ma=86400
content-length
64
x-oss-object-type
Normal
last-modified
Mon, 10 Jun 2024 08:29:00 GMT
server
AliyunOSS
etag
"E1EBCC78C1C35328A92B1B903D1560DF"
access-control-max-age
200
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
1639371215106203834
vary
Accept-Encoding
x-amz-cf-id
NXVLVohbVK_n6xmqjdKN4Ab08ouVbmDiNG_WMaA44H5Uojs9FMOrKg==
x-oss-server-time
3
client_report
riskct.geetest.com/g2/api/v1/
2 KB
2 KB
XHR
General
Full URL
https://riskct.geetest.com/g2/api/v1/client_report
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/g5/v1/static/v1.2.1/js/geeGuard.96d80ef3c3d3dfd5cacec51e0882199c.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.44.80 -, , ASN (),
Reverse DNS
Software
TornadoServer/6.1 /
Resource Hash
004881c5ca6306be0fcfef06d36564cad248116c1e158dc0ffa1c9c2a5950811

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://evamrx.r09uwjowqgvf.com/
API-Version
1
AppID
9ia4hndgblg9xihxcwgdjt9ztg8sjwaf
Client-Type
3
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Mon, 01 Jul 2024 17:57:42 GMT
server
TornadoServer/6.1
eo-cache-status
MISS
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://evamrx.r09uwjowqgvf.com
cache-control
must-revalidate, no-cache, no-store
eo-log-uuid
12941843360780491944
access-control-allow-headers
Appid, Client-Type, Api-Version, GeeID, Content-Type
content-length
1981
expires
0
client_report
riskct.geetest.com/g2/api/v1/
0
0
Preflight
General
Full URL
https://riskct.geetest.com/g2/api/v1/client_report
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.152.44.80 -, , ASN (),
Reverse DNS
Software
TornadoServer/6.1 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
api-version,appid,client-type
Access-Control-Request-Method
POST
Origin
https://evamrx.r09uwjowqgvf.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Appid, Client-Type, Api-Version, GeeID, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://evamrx.r09uwjowqgvf.com
cache-control
must-revalidate, no-cache, no-store
content-length
0
content-type
application/json;charset=UTF-8
date
Mon, 01 Jul 2024 17:57:42 GMT
eo-cache-status
MISS
eo-log-uuid
9129236732379385222
expires
0
pragma
no-cache
server
TornadoServer/6.1
piaspeed.png
evamrx.cbtwen.com/
2 B
277 B
Fetch
General
Full URL
https://evamrx.cbtwen.com/piaspeed.png
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/main~9bf88260.f5778992b1cb09cf8fa3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
18.239.83.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-239-83-120.ams58.r.cloudfront.net
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 04 Jun 2024 09:39:17 GMT
via
1.1 9840468fd7f0cd4b97907be5f049f14a.cloudfront.net (CloudFront)
server
nginx
age
2362710
x-amz-cf-pop
AMS58-P5
access-control-max-age
3600
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
2
x-amz-cf-id
y4EAWtKOpuMWd4YJpsvBzsrPO72XgHoxcRKUaO1IrO6WolzES0nHvQ==
piaspeed.png
cdnapiif.conbnw.com/
2 B
376 B
Fetch
General
Full URL
https://cdnapiif.conbnw.com/piaspeed.png
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/main~9bf88260.f5778992b1cb09cf8fa3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2249:5600:10:2233:83c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 02:02:43 GMT
via
1.1 1d436979dbc6be1a36db9f38bc4fa80e.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
MXP63-P4
age
1785304
access-control-max-age
3600
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=86400
content-length
2
x-amz-cf-id
CH-A2VN48u0_Y2oYEwhqYkhlG2QaO7I7Yg_MvnR88AQa-yHFsAJ78g==
piaspeed.png
js.d15ucryyr.com/
2 B
0
Fetch
General
Full URL
https://js.d15ucryyr.com/piaspeed.png
Requested by
Host: evamrx.r09uwjowqgvf.com
URL: https://evamrx.r09uwjowqgvf.com/assets/main~9bf88260.f5778992b1cb09cf8fa3.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
154.203.26.91 Hong Kong, Hong Kong, ASN35916 (MULTA-ASN1, US),
Reverse DNS
Software
gocache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://evamrx.r09uwjowqgvf.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 17:57:34 GMT
c-type
st
server
gocache
x-cache-status
MISS
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
rid
77e81c995ce42e35c5cc5d090d295e7a
content-length
2
expires
Tue, 02 Jul 2024 17:57:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdntoos.bprlk.com
URL
https://cdntoos.bprlk.com/hall/system/status/currency/CNY/language/zh/osType/4/platformType/5.json
Domain
cdntoos.bprlk.com
URL
https://cdntoos.bprlk.com/siteadmin/skin/lobby_asset/1-1-1/web/home/icon_dt_pmd.webp?manualVersion=1&version=a3562768c8


22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event
object| fence
object| sharedStorage
object| LOBBY_SITE_CONFIG
object| LOBBY_UTILS
object| initSplash
object| imgSupport
object| webpackChunkmy_vue_app
object| __core-js_shared__
object| wgMock
function| saveAs
object| logsMap
object| webPushLog
function| filterCSS
function| filterXSS
object| MTpushInterface
undefined| __fpjs_p_l_b
object| FB
function| fbAsyncInit
object| __buffer
object| MonitoringAnalysis
object| ReporterMananger

0 Cookies

6 Console Messages

Source Level URL
Text
javascript error URL: https://evamrx.r09uwjowqgvf.com/home/game?currency=CNY&id=30055099&cid=910935&gameCategoryId=0
Message:
Access to XMLHttpRequest at 'https://cdntoos.bprlk.com/hall/system/status/currency/CNY/language/zh/osType/4/platformType/5.json' from origin 'https://evamrx.r09uwjowqgvf.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cdntoos.bprlk.com/hall/system/status/currency/CNY/language/zh/osType/4/platformType/5.json
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://cdntoos.bprlk.com/cocos/maintain-time.json?timestamp=1719856651349
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://www.yongli-oss.com/cocos/maintain-time.json?timestamp=1719856652615
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://conn.webpush.theengagelab.com/v1/auth?user_str=undefined&appkey=245e11bc10222caf5865f6e1&is_temporary=n
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://tifjqr-1000-ppp.oss-accelerate.aliyuncs.com/cocos/maintain-time.json?timestamp=1719856655214
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
