URL: https://ysq5dvk35d.vsifmaufhn.xyz/
Submission: On June 18 via api from US — Scanned from CA

Summary

This website contacted 11 IPs in 5 countries across 15 domains to perform 237 HTTP transactions. The main IP is 138.113.211.72, which is located in Canada and belongs to ML-1432-54994, CA. The main domain is ysq5dvk35d.vsifmaufhn.xyz.
TLS certificate: Issued by R11 on June 17th 2024. Valid for: 3 months.
This is the only time ysq5dvk35d.vsifmaufhn.xyz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

This site contains no links.

This page contains 1 frame:

Primary Page: https://ysq5dvk35d.vsifmaufhn.xyz/
Frame ID: E86F2953A55F50D66D4CDA79B348A8F5
Requests: 237 HTTP requests in this frame

Page Title

7373.cc

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

Requests: 237
HTTPS: 77 %
IPv6: 20 %
Domains: 15
Subdomains: 19
IPs: 11
Countries: 5
Transfer: 8276 kB
Size: 14043 kB
Cookies: 1

Redirected requests

There were HTTP redirect chains for the following requests:

237 HTTP transactions

Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:16 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD8F27FBE363250782D
content-md5
6nmNZLLPjNHMAUll2zQ2ig==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"EA798D64B2CF8CD1CC014965DB34368A"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9623
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
6752960531735828692
x-oss-server-time
2
config_data.json
u9ynnpy3yb.dfi462194mt2.top/cocos/
5 KB
4 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/cocos/config_data.json?timestamp=1718713816037
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
edb5e4f5fa22c7622f0421ff037b2a0c2d41aab6557f9c5d1c80f376ee5e4346
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD968A37403AA376BD8
content-md5
F0oQUHtsBy8TU2svYyp9Ow==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
fc6eb0c8aecb07e1a8c405a6fa7b6d4d
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 11:16:26 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
max-age=86400
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
10352907845348833169
x-oss-server-time
1
site-i18n-config@zh_CN.44ad51fc3f214d7be4ee.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
138 KB
50 KB
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/site-i18n-config@zh_CN.44ad51fc3f214d7be4ee.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d1c0bcf4d49a938c51b7771c663d799f84469ca270514bea16f64dbcbff3963f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:16 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD8829A1833370A5858
content-md5
EsDjI5jzwcm3BsYQqb6kpA==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:57:00 GMT
server
AliyunOSS
etag
"12C0E32398F3C1C9B706C610A9BEA4A4"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9624
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
6047822241626444950
x-oss-server-time
2
main.sprites.json
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/1-0-8/
438 KB
296 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/1-0-8/main.sprites.json?manualVersion=1&version=v4.0.350
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
0b573bddf354217627b2d18ca1cefaa7a997568e64166a7c9d6872038f225025
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD93B220273BF369370
content-md5
N7Nbctdakm1L7/3YaTG/Rg==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
f008614957517907495f000c8700c408
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 07:45:03 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
max-age=86400
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
12756875834493546890
x-oss-server-time
2
sprite.svg
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/1-0-8/
768 KB
241 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/1-0-8/sprite.svg?manualVersion=1&version=v4.0.350
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
89b0ea2ee92cd41d549993994399dc5c84e7bd6843338a012717b83dbaf4aa69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DD964BB29C3D593B4C9
content-md5
ChdF0p6PoQk4CGrpyCjE4g==
x-cache-status
MISS
content-disposition
attachment
rid
df3a0ce50d214ee83182055a2c2c1573
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 07:45:03 GMT
server
gocache
etag
W/"0A1745D29E8FA10938086AE9C828C4E2"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
max-age=86400
x-oss-force-download
true
content-type
image/svg+xml
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
13882690860387710671
x-oss-server-time
2
assets.hash.json
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/1-0-8/
90 KB
21 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/1-0-8/assets.hash.json?timestamp=1718713816056
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
79daba92252c407238103dc33f58f8ac21bd7006f474c033ff13171f0004c284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD9FC4F3FAD0430F412
content-md5
n7IF9CxYiG+NmICNLK7hPA==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
67a0db40ad274acd4505af77d6bb54f1
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 07:45:02 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
max-age=86400
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
15695414019629190666
x-oss-server-time
1
assets.hash.json
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/1-0/
849 B
883 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/1-0/assets.hash.json?timestamp=1718713816056
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
e54f33c280cc975181a4aeb84be0f3ed226a3ea98c355fddee2e48c920adc80b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DD964BB29C3D593B4EB
content-md5
0r4VeeX71+sGrVqBBIQCng==
x-cache-status
MISS
content-disposition
attachment
rid
2970476c0b71bd92d61158ec7e2f3b1c
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:23:16 GMT
server
gocache
etag
W/"D2BE1579E5FBD7EB06AD5A810484029E"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
max-age=86400
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
18016351949508670424
x-oss-server-time
2
style@theme=1.b6ad122194c35521fcc1.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
625 B
1 KB
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/style@theme=1.b6ad122194c35521fcc1.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c7d5a459ffcef60356d5b15615583d02415604953f0ee15713286bebb69df0b6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD84C8B373332B7C3A3
content-md5
jfbT0BMK9KpYEe31CC+kPA==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
content-length
625
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"8DF6D3D0130AF4AA5811EDF5082FA43C"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9649
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3436057668424300108
x-oss-server-time
2
style@theme=1.661c049c29d75cd565b1.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
151 B
639 B
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/style@theme=1.661c049c29d75cd565b1.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
984a79b5b6ddb61594e3c9774933b4c33196d719d44532d589173ad6886791b2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD8D14BBC3734489ACE
content-md5
9/4yRDwKD7OA8yH1vFb3nw==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
content-length
151
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"F7FE32443C0A0FB380F321F5BC56F79F"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9650
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11754132589776546272
x-oss-server-time
1
9798.78e4f0428dea8051c71b.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
993 B
1 KB
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/9798.78e4f0428dea8051c71b.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
b5a91ae6a68da9dd0a153313affaa6061aedcab73eaeb2feab7177f57139dc3b

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD8D14BBC32303F9ACE
content-md5
UheUnIOE23iM5ablDSboDA==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
content-length
993
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"5217949C8384DB788CE5A6E50D26E80C"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9651
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
10028743080157342418
x-oss-server-time
19
9798.4f5aab1919c46e284d9a.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
347 B
834 B
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/9798.4f5aab1919c46e284d9a.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
be65050fd3967355a2c37eac6b52bd04be7fe09cc726826acf73d136ffaad0d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD853375535348A76F6
content-md5
Xh6FYVf0IQxS8AYwwFGsuQ==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
content-length
347
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"5E1E856157F4210C52F00630C051ACB9"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9652
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
17856786016509065391
x-oss-server-time
2
sprite.svg
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/1-0/
429 B
606 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/1-0/sprite.svg?manualVersion=1&version=v4.0.350
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
fffd62fc34fc93682dc6d30e90afd388bc996327bcf4b6b0985370effff11870
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DD9678B8EB2BB3C4E9B
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
content-type
application/xml
x-oss-ec
0026-00000001
x-oss-server-time
1
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/api/lobby/site/getSiteInfo/language/
3 KB
3 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/api/lobby/site/getSiteInfo/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
91bada025199077d024488fd3ea6a3caca0f1b6e2852edd16188fc78cf1d71bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD90D92D941F795807E
content-md5
upz6+n0aKH10TUjKNNpYvw==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
1ebc40b43c4def2a586a35a3f1162dbd
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 11 Jun 2024 11:00:35 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
6307416916171100588
x-oss-server-time
2
5.json
u9ynnpy3yb.dfi462194mt2.top/hall/system/status/currency/CNY/language/zh/osType/4/platformType/
17 KB
13 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/system/status/currency/CNY/language/zh/osType/4/platformType/5.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
6fd76bc75fdd06ef2102446f20ec3394959f64d21b338ba2b1c924bdfe44e58e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD943CB4D5BAF3FF00E
content-md5
VvzsX9s2CvBHYLf0Qj1KlA==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
bd06f7dfd117428f766db5ae46a79146
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 05:45:30 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=60,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
9831142040923731309
x-oss-server-time
1
5.json
u9ynnpy3yb.dfi462194mt2.top/hall/api/lobby/webapi/optimization/site/config/language/zh/platformType/
12 KB
9 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/api/lobby/webapi/optimization/site/config/language/zh/platformType/5.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
09226fe11c0c608ab0740e91bb335947c5252631aba0ef7a43099602437952bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD9EDBE26E340499425
content-md5
W5zN7S57/y6CN4mPzthe+A==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
ca2f342df1d3d3f2123ae6af4dedf957
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 06:58:06 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
5929526870512883507
x-oss-server-time
2
maintain-time.json
u9ynnpy3yb.dfi462194mt2.top/cocos/
399 B
588 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/cocos/maintain-time.json?timestamp=1718713816669
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
cea6db23823934b4edb4f05abd596cc5879777af058e14f9976f1b103f9f9323
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DD99EB6B21165946025
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
content-type
application/xml
x-oss-ec
0026-00000001
x-oss-server-time
1
7079.24ce9811c64ddc698883.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
1 KB
2 KB
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/7079.24ce9811c64ddc698883.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
502d015f4e694e0bf739b4debe595ee005dfca7c16cf0b4b7e9d806014b1303d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD9829A183337D45D58
content-md5
3p4dVE+y9ztfE+EgOWEgxA==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
content-length
1388
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"DE9E1D544FB2F73B5F13E120396120C4"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9656
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
16167166293414604447
x-oss-server-time
6
5419.8b85c75646ffe41c2e13.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
9 KB
2 KB
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/5419.8b85c75646ffe41c2e13.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
4e89748aecccae426b960630a5336069417ffad213d305d29c261bff0f6f09c7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD98A23F73033851CF2
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
EJgvNTCqzGpy0fYAAxjiKA==
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9657
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
15636462324424733967
x-oss-server-time
2
5419.11d4aac64544eb337186.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
29 KB
12 KB
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/5419.11d4aac64544eb337186.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
3ad7a15ea5ec8fe0ee49ee9073499d277de96e403d38ed1bd135d64ef0a1b3d4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD98A23F73935A01CF2
content-md5
zvXNeFB5I/ThuRimILvZcw==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"CEF5CD78507923F4E1B918A620BBD973"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9658
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11853279872516398344
x-oss-server-time
2
3203.2e8c51ab96414f42aa6f.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
4 KB
2 KB
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/3203.2e8c51ab96414f42aa6f.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
b9659119a3c7b13f8d4ac0449275295fa84d46614c5dcfb159b2de90a153ecc1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD9F27FBE3632767E2D
content-md5
GERkBtX+WxFpXfCl5+FSkw==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"18446406D5FE5B11695DF0A5E7E15293"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9659
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
7577109430836309712
x-oss-server-time
4
6311.b7fc00cc2e35ba6924ef.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
7 KB
2 KB
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/6311.b7fc00cc2e35ba6924ef.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c8a2ea77c506d68eddea1a27762f83809b32e487d95434d6845095cd921f9917

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD98A23F738348D1CF2
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
J9srEfF8t0HMNy7pN2yt3w==
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9660
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
13974744449496413855
x-oss-server-time
2
6311.2d5ec7d1cdbba2b585f5.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
5 KB
3 KB
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/6311.2d5ec7d1cdbba2b585f5.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
82341aee16d2541d507623f4727ac54ef4776400e97522941d1358c41008fe03

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD94C8B3733321DC5A3
content-md5
xnLc5FlXGKwKMPWtNzR9Tw==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"C672DCE4595718AC0A30F5AD37347D4F"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9661
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
186983545884135276
x-oss-server-time
2
3123.1a76be986785be0c2744.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
3 KB
1 KB
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/3123.1a76be986785be0c2744.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
4d77e01d895472fc4f8c33c607913d30912de963501c566f178f5a9c7998adfd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD95337553534F777F6
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
jcmpSoPaWucb8Xtrx7xsfw==
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9662
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
3114555271504268530
x-oss-server-time
2
3123.58076876679f6115286e.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
6 KB
2 KB
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/3123.58076876679f6115286e.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
b2dfa19bd98ab4a9fddb1f7adf1a9299e10fb349738bef1f2889083abb9855e7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD9D14BBC3230289BCE
content-md5
pSDWjSkobKeoUP3kfRaZZQ==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"A520D68D29286CA7A850FDE47D169965"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9663
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
5931352540268371703
x-oss-server-time
3
1256.4f7307e1d86b07d1aa6f.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
530 B
1011 B
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/1256.4f7307e1d86b07d1aa6f.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
62ee1198cf40758a2d3a919eaf275b832b609b9660a3aae7dfc836026a79feb6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD9D14BBC3734389BCE
content-md5
WX5/hBQk+VNils9zSXoetA==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
content-length
530
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"597E7F841424F9536296CF73497A1EB4"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9664
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
13405930401309480728
x-oss-server-time
1
1256.d45118cec4fa1107ba99.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
970 B
1 KB
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/1256.d45118cec4fa1107ba99.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
481dde1414f9a9996cf35cdb7a7fa412adc6b6d41569c9552718e1362da342e9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD98A23F738347C22F2
content-md5
4YbltJVpkffClPr4RVnQnA==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
content-length
970
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"E186E5B4956991F7C294FAF84559D09C"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9665
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
1999045581184865396
x-oss-server-time
4
3915.56b398dd65d90d63cf92.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
4 KB
1 KB
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/3915.56b398dd65d90d63cf92.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
3f1e8b18f11e7a4e47b35dc8927a915a2aa622d2a93af5033da1bce413c6be4f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD95337553534197DF6
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
KK25t/jc/Std6sEz4HIvhA==
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9666
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10239323282974809638
x-oss-server-time
41
3915.60f7929adf491513cd99.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
6 KB
3 KB
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/3915.60f7929adf491513cd99.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
890bf4ff46b24c5b1e44fd81d5ce3b3f9a76c58345ca6d1596eac50786c24c51

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD9F27FBE3632C9842D
content-md5
aSwBM3eLqHOWz6MgDTR6Jw==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"692C0133778BA87396CFA3200D347A27"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9667
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
8107677207782668190
x-oss-server-time
1
5653.fb2610961c5561191d55.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
2 KB
2 KB
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/5653.fb2610961c5561191d55.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
73fd95c83b36d3aa1c0a2fe9125bada591ed02b7408b9c26ebb1b983a0908938

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD94C8B373332AFCAA3
content-md5
p4Jmqh7MAhxRm3/JzAzHQQ==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"A78266AA1ECC021C519B7FC9CC0CC741"
x-ws-request-id
66717dd8_PShlamstdAMS1ei13_22445-9668
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12653181380647423898
x-oss-server-time
1
apng_top_jr.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/web/
218 KB
219 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/web/apng_top_jr.png?manualVersion=1&version=v4.0.350
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
b3e4351b55a38f15524ff2f94838789a0ccdb04d9313d49f45eac8f979dc73a5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DD9FC4F3FAD0430F40F
content-md5
LrJPuv6UEZvnE73uiNc7dQ==
x-cache-status
MISS
content-disposition
attachment
rid
5bd699a400c7d3c527a756a92726c289
content-length
223187
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:21:36 GMT
server
gocache
etag
"2EB24FBAFE94119BE713BDEE88D73B75"
vary
Origin
access-control-allow-methods
GET, POST, HEAD, PUT
content-type
image/png
access-control-allow-origin
*
access-control-expose-headers
Etag
access-control-max-age
200
cache-control
max-age=86400
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-force-download
true
x-oss-hash-crc64ecma
12162777752003652918
x-oss-server-time
7
bg_pattern_tile2.png
xc06l2-878-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/173/common-0/common/
2 KB
2 KB
Image
General
Full URL
https://xc06l2-878-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/173/common-0/common/bg_pattern_tile2.png?manualVersion=1&version=v4.0.350
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.96.19 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
97a73875181ca09c292cb2989503d4cf543e80e74a3e7f825b00e0fdfe94237a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 12:30:17 GMT
x-oss-request-id
66717DD90D92D941F7957F2B
Content-MD5
d2Iyng7CUaiYIVmfqLwBNg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1553
x-oss-object-type
Normal
Last-Modified
Mon, 17 Jun 2024 09:20:32 GMT
Server
AliyunOSS
ETag
"7762329E0EC251A89821599FA8BC0136"
Vary
Origin
Content-Type
image/png
x-oss-ec
0048-00000111
Cache-Control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
6519988049277960269
x-oss-server-time
2
default.json
u9ynnpy3yb.dfi462194mt2.top/hall/active/isShowV2/
704 B
1 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/active/isShowV2/default.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
55a098ae96ca6779c921981ee711773943c45d518103a2a889d8fbaec53a36ec
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DD968A37403AA376BEE
content-md5
HzTtmxdoylPPyLJca9wueQ==
x-cache-status
MISS
content-disposition
attachment
rid
e1c5f502deb08b3e234081def5a3c450
x-oss-object-type
Normal
c-type
pf
last-modified
Wed, 12 Jun 2024 08:21:00 GMT
server
gocache
etag
W/"1F34ED9B1768CA53CFC8B25C6BDC2E79"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
17798637178111990350
x-oss-server-time
1
4.json
u9ynnpy3yb.dfi462194mt2.top/hall/home/maxChargeRate/currency/CNY/osType/
88 B
725 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/home/maxChargeRate/currency/CNY/osType/4.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
b8fc73c2357e7bc188a8a3f85a9ef9687e0d826a0d2c6208af77892c313ab7e0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DD90D92D941F795808A
content-md5
oKTLRu2QuQV5CxIHFEHVeA==
x-cache-status
MISS
content-disposition
attachment
rid
79d2845ee7f910376b5c98b648c84159
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 09:50:00 GMT
server
gocache
etag
W/"A0A4CB46ED90B905790B12071441D578"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
18134370915585772234
x-oss-server-time
2
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/api/game/hall/listPlatformCateLoadV2/currency/CNY/language/
18 KB
13 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/api/game/hall/listPlatformCateLoadV2/currency/CNY/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
4fd20045e04f7f7b74b9d2ad18ea124fcc8ed1e7e181c0b6d0f4d5b555d8be6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD964BB29C3D593B4EA
content-md5
pGFeHfokCjJ8XZyu5fk4ow==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
a466168872f4e785e1529e630f60d5c9
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 09:39:34 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
8996898421670669913
x-oss-server-time
3
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/api/game/hall/listExtLinkV2/currency/CNY/language/
128 B
754 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/api/game/hall/listExtLinkV2/currency/CNY/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
a53fcec876eb94e15b517483991ab10b79e51e1f72165ac73daaad46494ce99c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DD99EB6B21165946024
content-md5
du1Ox6P5snAc8P+dRJ3F8Q==
x-cache-status
MISS
content-disposition
attachment
rid
b8c9e47bcef6c080af7bd71fd5f72dc5
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 11 Jun 2024 16:00:01 GMT
server
gocache
etag
W/"76ED4EC7A3F9B2701CF0FF9D449DC5F1"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
737979716168877593
x-oss-server-time
4
CNY.json
u9ynnpy3yb.dfi462194mt2.top/hall/api/game/hall/listVirtualBonusPoolV2/currency/
128 B
754 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/api/game/hall/listVirtualBonusPoolV2/currency/CNY.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
326666e2c804cafb8fca74ab4da53ccbf711dd46e486e905dce6f745f2f1e62b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DD9EDBE26E34049941F
content-md5
BNUoxGLz/3a4lnxYgEiSvQ==
x-cache-status
MISS
content-disposition
attachment
rid
0e9daba1bed2336f1b189d8d797409d7
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 11 Jun 2024 16:00:01 GMT
server
gocache
etag
W/"04D528C462F3FF76B8967C58804892BD"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=300,public,max-age=0
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
2833630301842064860
x-oss-server-time
1
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/active/category/currency/CNY/language/
62 KB
38 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/active/category/currency/CNY/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
6d062534cca1d8e55a8e602d33dab289c0501878b5a55a41c765aaf6fe6b0197
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD943CB4D5BAF3FF00D
content-md5
qRcPZmjEVO9Bum0zrYueTQ==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
e4bd38a4f65e8acccbc42ac50dee2fec
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 08:41:00 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
16338646114061722708
x-oss-server-time
2
h5_zs_jr.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
4 KB
4 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/h5_zs_jr.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
dc7a5fbc58dec8a47a30ee12ff3f2c5b9c23ff6783ff74c4c405e8acedd37c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDAEDBE26E3404994BF
content-md5
D62FwyQfOgL1wWMvvqDSrQ==
x-cache-status
MISS
content-disposition
attachment
rid
1722f1501a57a8ddd4cfbedeeee0c2f5
content-length
3862
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:22:45 GMT
server
gocache
etag
"0FAD85C3241F3A02F5C1632FBEA0D2AD"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11046972868453129980
x-oss-server-time
1
h5_zs_jr3.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
44 B
564 B
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/h5_zs_jr3.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
7ee18766441fe9b689a58fe39c47fb865e545c83b247b4a24eb8965ba948fe79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDAFC4F3FAD0430F4DB
content-md5
wyh/SIcntmomXMwpK5NRqA==
x-cache-status
MISS
content-disposition
attachment
rid
f82c4a09bd2658005a9bf5d8681f0895
content-length
44
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:22:45 GMT
server
gocache
etag
"C3287F488727B66A265CCC292B9351A8"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
14949001379604372144
x-oss-server-time
1
h5_zs_jr2.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
4 KB
4 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/h5_zs_jr2.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
c0f0656fc5f8cb722c9631746b13ac4c63527c5a7d66858135dc54d76a396d26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA64BB29C3D593B5AF
content-md5
cHZ4ucCkFJRPjPQFN/h85Q==
x-cache-status
MISS
content-disposition
attachment
rid
5ac19ad5d73eab98a49c10b5b01117c8
content-length
3856
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:20:51 GMT
server
gocache
etag
"707678B9C0A414944F8CF40537F87CE5"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
5561362075979780982
x-oss-server-time
1
bg_pattern_tile.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common-0/common/
754 B
1 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common-0/common/bg_pattern_tile.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
6e119572fe535553e39cd8b0ed9825fe1fa1a47926f28d57b84b4264329130b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA43CB4D5BAF3FF0E9
content-md5
qK6HHfcRpjfyEFAddA8nmg==
x-cache-status
MISS
content-disposition
attachment
rid
ac00dd2312754528c03882e20be87b43
content-length
754
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:21:37 GMT
server
gocache
etag
"A8AE871DF711A637F210501D740F279A"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11758940097739064659
x-oss-server-time
1
icon_btm_jr.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
8 KB
8 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/icon_btm_jr.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
7998e3d893fbd2628857c94ad407c1c87141902698a734de0a01d2a03d186b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA9EB6B211659460E3
content-md5
i8addzKQZSQpwAkH+0axoQ==
x-cache-status
MISS
content-disposition
attachment
rid
070fcf7fed0dbf4a731ab350108e7cd9
content-length
7818
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:23:16 GMT
server
gocache
etag
"8BC69D773290652429C00907FB46B1A1"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
786487344352315355
x-oss-server-time
2
icon_btm_jr3.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
46 B
565 B
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/icon_btm_jr3.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
22ea7f15509824e86aa0900e5d5f5301734214443ee2f415a6011b94f2bfa821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDAFC4F3FAD0430F4DC
content-md5
HohA6ZwLkoRpfTEGlSvBiA==
x-cache-status
MISS
content-disposition
attachment
rid
36246ec9ce09662f65e5fe42ae65c99a
content-length
46
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:21:36 GMT
server
gocache
etag
"1E8840E99C0B9284697D3106952BC188"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4974923758475718639
x-oss-server-time
0
icon_btm_jr2.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
7 KB
8 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/icon_btm_jr2.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
7e0cd74b6dac966bb8ca087085ca83c998c4d770df860bbbcd601473d6b74fa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA43CB4D5BAF3FF0EA
content-md5
twxeNQZZ/3oi3CrbeaqlTA==
x-cache-status
MISS
content-disposition
attachment
rid
71014e6ed72dd13863a16e0051f09a7e
content-length
7550
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:20:31 GMT
server
gocache
etag
"B70C5E350659FF7A22DC2ADB79AAA54C"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
13334446142463239079
x-oss-server-time
1
truncated
/
70 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44d5041f007d30a9b7079bd3a42ef6da96c4cda10a25b1bcc5a0a6f92b0aadcc

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/customer/getWebTrans/language/
658 KB
413 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/customer/getWebTrans/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
f0cd2bf31fca38dff315209bcee23817275116c4e2eacfa775788a396851c632
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD9678B8EB2BB3C4EAD
content-md5
Ei5YrPd0l7n1PJTInNf79A==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
e6d82da425595a0832801cbe8f1cef73
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 11:32:57 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
17898420440720456720
x-oss-server-time
2
h5icon.ico
u9ynnpy3yb.dfi462194mt2.top/cocos/lg/
4 KB
0
Other
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/cocos/lg/h5icon.ico
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
97a36d99f6a31ede93e7b99f21c94b9b1b91276cbaeb4e90197133c7dfe05ff6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
br
x-oss-request-id
66717DD9FC4F3FAD0430F415
content-md5
fkmrilZmkWK4+jDH4nVSdg==
x-cache-status
MISS
content-disposition
attachment
rid
075f1e79d1c76be65e2d65cbfaf340e5
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 28 Aug 2023 11:47:40 GMT
server
gocache
etag
W/"7E49AB8A56669162B8FA30C7E2755276"
vary
Accept-Encoding, Origin
content-type
image/x-icon
x-oss-ec
0048-00000111
x-oss-force-download
true
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
3965485502520721086
x-oss-server-time
1
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/api/game/hall/hotListV2/currency/CNY/language/
6 KB
5 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/api/game/hall/hotListV2/currency/CNY/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
58c28bd38e4bab7206c17ce2a81be9429da2439df82112c0abe1f6600fc52d09
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD943CB4D5BAF3FEFFE
content-md5
hrtTC9YII3J6ZXYdtdfNGg==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
12c26169d5df9910b1a2ee61a27096ef
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 11:11:04 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
13903237514845349924
x-oss-server-time
2
10.json
u9ynnpy3yb.dfi462194mt2.top/hall/message/all/index/currency/CNY/language/zh/list/0/marqueePage/1/marqueeSize/
14 KB
10 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/message/all/index/currency/CNY/language/zh/list/0/marqueePage/1/marqueeSize/10.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
f92a008f646d4a7b42b8816d07b07f4a36a96485e22b3485e4dfa40136c20903
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD99EB6B21165946006
content-md5
Jj/a4dYQZwVCM8rDOjjrNA==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
4868862d70bf22d6d9790e2913d84619
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 05:59:30 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
4344221112650645187
x-oss-server-time
2
icon_dt_pmd.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/1-0-common/web/home/
0
0

btn_zc1_jr2.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
3 KB
4 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/btn_zc1_jr2.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
f963a40715a0d47a8c58a38c7f4b0836643b285043553055f5c08f8b769e17b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA68A37403AA376CB4
content-md5
VLTEEkshQlljKvV320r3Aw==
x-cache-status
MISS
content-disposition
attachment
rid
be03d4b27e977a315ac2d1e3b9b14b57
content-length
3424
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:20:32 GMT
server
gocache
etag
"54B4C4124B214259632AF577DB4AF703"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
676472649283384505
x-oss-server-time
1
btn_zc1_jr.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
774 B
1 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/btn_zc1_jr.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
adb0d7cb42ccf1aa04887f00aa5f67bc8ac70b4ff75d5f745f51138ffc848938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA68A37403AA376CB5
content-md5
g1ndwXEGG6p/gkwnPOL0Zg==
x-cache-status
MISS
content-disposition
attachment
rid
6807f4338a316c9f99d4768b3eaa17dc
content-length
774
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:22:45 GMT
server
gocache
etag
"8359DDC171061BAA7F824C273CE2F466"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
10252923656715916705
x-oss-server-time
1
btn_zc1_1.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/1-0-8/web/common/
2 KB
2 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/1-0-8/web/common/btn_zc1_1.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
4878b7e55392b0b65d5f85057f93c9cf453ac78c1451378b21f0b61e0f199bf2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA64BB29C3D593B5C0
content-md5
nSYKJhYYnX02me1jkWzVjw==
x-cache-status
MISS
content-disposition
attachment
rid
793923d402fffa77849a7e9296492aa0
content-length
1810
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 07:45:03 GMT
server
gocache
etag
"9D260A2616189D7D3699ED63916CD58F"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
17398995504771244698
x-oss-server-time
2
icon_dtfl_rm_1.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/
2 KB
3 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_rm_1.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
beb78d667055fdefa9a9e19a5dfdfb8abdda09d643e24db1daef79673a712222
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDAF6401B2D0132D91A
content-md5
Rcnc18vTmPdSLGVGpaberQ==
x-cache-status
MISS
content-disposition
attachment
rid
e152fa35ef23d1dff3a8dd4c5220a2f6
content-length
2302
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 07:45:03 GMT
server
gocache
etag
"45C9DCD7CBD398F7522C6546A5A6DEAD"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3451730334228747403
x-oss-server-time
1
footer@theme=1.cb7c6322293210194a0a.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
6 KB
0
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/footer@theme=1.cb7c6322293210194a0a.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
32e3ae899ed5a52cfc5be2703b684947b5474aa8e176c79e2c2793169c157d4c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD9D14BBC323073A0CE
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
yuDRwDJQGQD5Umb+KmJbCQ==
x-ws-request-id
66717dd9_PShlamstdAMS1ei13_22445-9686
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
986240778728940696
x-oss-server-time
5
footer@theme=1.33a661aeedf7f6b40783.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
3 KB
0
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/footer@theme=1.33a661aeedf7f6b40783.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
e685a3e2626b5be478fef0d889ffbe20174ff240f6dd5d1bccd3228bb62e5f58

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DD98A23F730332721F2
content-md5
oy79dn9cPixRVcMaCDAs0A==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"A32EFD767F5C3E2C5155C31A08302CD0"
x-ws-request-id
66717dd9_PShlamstdAMS1ei13_22445-9687
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
9290218106079527736
x-oss-server-time
5
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/api/lobby/footerConfig/getInfo/language/
3 KB
3 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/api/lobby/footerConfig/getInfo/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
415e75643a6fdb3be0685d44f98a51403033fb5bd85d2dfd0c118e6641fba653
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD968A37403AA376BDC
content-md5
ymutc+71SL7VY0II9sNbzw==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
87494d60392144b990a09583f0918d13
x-oss-object-type
Normal
c-type
pf
last-modified
Sun, 16 Jun 2024 13:43:40 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
8337036704395948887
x-oss-server-time
1
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/api/lobby/aboutUs/index/getInfo/language/
3 KB
3 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/api/lobby/aboutUs/index/getInfo/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
0ec9c20c069857006a0be5799efca55c0cf96d98d05751f9889fb7d1dae32e17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:17 GMT
content-encoding
gzip
x-oss-request-id
66717DD9F6401B2D0132D86C
content-md5
gjzA258ni0HYBTpX/I3Qvg==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
899245f97bb9939b4d430e1bf959e535
x-oss-object-type
Normal
c-type
pf
last-modified
Sat, 08 Jun 2024 04:06:56 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,public,max-age=0
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
17753695440172511272
x-oss-server-time
1
9170.76e3acd9db1a609deafb.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
8 KB
0
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/9170.76e3acd9db1a609deafb.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
ca8fe80de3707a26a3df96efe0a05455fa3fb681a882860bd7eb480902cf7b57

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:18 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DDA829A183337276758
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
bD3PASf8WTIJ7gL7D79Ofw==
x-ws-request-id
66717dd9_PShlamstdAMS1ei13_22445-9704
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
12764340405751291075
x-oss-server-time
2
9170.7879d5ee4941a2799a22.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
13 KB
0
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/9170.7879d5ee4941a2799a22.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
9d98e87b3f773786c524f3c5b61d5bdc45e4c788aa4f19e466ae9b52704f3208

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DDA8A23F739356F26F2
content-md5
qk1qy/kqUDX4n1iHjGL86g==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"AA4D6ACBF92A5035F89F58878C62FCEA"
x-ws-request-id
66717dd9_PShlamstdAMS1ei13_22445-9705
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
8485168326854725617
x-oss-server-time
12
sprite.svg
mdppr0xqcjdy.nd1hpdujs344.top/siteadmin/skin/lobby_asset/festival/173/1-0/
424 B
843 B
XHR
General
Full URL
https://mdppr0xqcjdy.nd1hpdujs344.top:9007/siteadmin/skin/lobby_asset/festival/173/1-0/sprite.svg?manualVersion=1&version=v4.0.350
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.162.246.23 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-162-246-23.ap-east-1.compute.amazonaws.com
Software
AliyunOSS /
Resource Hash
984786e78760b521ffbe7bfd0ac2db0c2a262af56f3cef87addb244cc5c08e5e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 12:30:19 GMT
X-Oss-Request-Id
66717DDB6C78FC0A853460A6
Server
AliyunOSS
Access-Control-Max-Age
200
Access-Control-Allow-Methods
GET, POST, HEAD, PUT
Content-Type
application/xml
Access-Control-Allow-Origin
*
X-Cache
BYPASS, Status: 404
Access-Control-Expose-Headers
Etag
Vary
Origin
X-Oss-Ec
0026-00000001
Content-Length
424
X-Oss-Server-Time
1
maintain-time.json
mdppr0xqcjdy.nd1hpdujs344.top/cocos/
394 B
800 B
XHR
General
Full URL
https://mdppr0xqcjdy.nd1hpdujs344.top:9007/cocos/maintain-time.json?timestamp=1718713818032
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.162.246.23 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-162-246-23.ap-east-1.compute.amazonaws.com
Software
AliyunOSS /
Resource Hash
e5b79a697b4f98f7b4f39979d0cb3fba26ce67b9f6a1a34e4b085c7a7425ac49

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 12:30:19 GMT
X-Oss-Request-Id
66717DDB3B220273BF369771
Server
AliyunOSS
Access-Control-Max-Age
200
Access-Control-Allow-Methods
GET, POST, HEAD, PUT
Content-Type
application/xml
Access-Control-Allow-Origin
*
X-Cache
BYPASS
Access-Control-Expose-Headers
Etag
Vary
Origin
X-Oss-Ec
0026-00000001
Content-Length
394
X-Oss-Server-Time
1
piaspeed.png
mheb5zoder.n8yudyplqd7r.top/
2 B
312 B
Fetch
General
Full URL
https://mheb5zoder.n8yudyplqd7r.top:9010/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
c-type
pf
strict-transport-security
max-age=31536000; includeSubDomains
server
gocache
x-cache-status
MISS
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
rid
8a07f9bdfdbd3284ffd3ab5f9bbdce61
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
ylsp2jobm7.cjvnjz.top/
2 B
311 B
Fetch
General
Full URL
https://ylsp2jobm7.cjvnjz.top:9003/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
c-type
pf
strict-transport-security
max-age=31536000; includeSubDomains
server
gocache
x-cache-status
MISS
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
rid
ee09cb48aad746d3b609ebf997ffe752
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
wgsbljxqaw.cjvnjz.top/
2 B
311 B
Fetch
General
Full URL
https://wgsbljxqaw.cjvnjz.top:9002/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:20 GMT
c-type
pf
strict-transport-security
max-age=31536000; includeSubDomains
server
gocache
x-cache-status
MISS
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
rid
87a470a09abead744fd81fbadc0a17ab
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
l6odw9inyei0.lxdlum.top/
2 B
311 B
Fetch
General
Full URL
https://l6odw9inyei0.lxdlum.top:9006/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:20 GMT
c-type
pf
strict-transport-security
max-age=31536000; includeSubDomains
server
gocache
x-cache-status
MISS
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
rid
e10626bfdf0ef7c4ae1af7c5e7241f67
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
5j4b71p5ne.hfhcpg.top/
2 B
346 B
Fetch
General
Full URL
https://5j4b71p5ne.hfhcpg.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717ddb_PShlamstdAMS1ei13_22616-2868
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
oplgfft31i.hfhcpg.top/
2 B
347 B
Fetch
General
Full URL
https://oplgfft31i.hfhcpg.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717ddb_PShlamstdAMS1ei13_21174-63414
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
tgjho4leecy2.gbjoiv.top/
2 B
347 B
Fetch
General
Full URL
https://tgjho4leecy2.gbjoiv.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:20 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717ddb_PShlamstdAMS1ei13_21063-31468
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
1px7oj2ajoul.gbjoiv.top/
2 B
347 B
Fetch
General
Full URL
https://1px7oj2ajoul.gbjoiv.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:20 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717ddb_PShlamstdAMS1ei13_19947-11359
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
hkppzigpbl64.l4rdf9d9q1d3.top/
2 B
347 B
Fetch
General
Full URL
https://hkppzigpbl64.l4rdf9d9q1d3.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:20 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717ddb_PShlamstdAMS1ei13_20198-40993
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
of5hjr6rj76u.78udk0ie3gby.top/
2 B
346 B
Fetch
General
Full URL
https://of5hjr6rj76u.78udk0ie3gby.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:20 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717ddb_PShlamstdAMS1ei13_22029-8055
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
119.31.254.30/
2 B
462 B
Fetch
General
Full URL
https://119.31.254.30/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
119.31.254.30 Tokyo, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 12:30:18 GMT
Via
1.1 jp184:6 (W), 1.1 PS-YUL-04m5h73:9 (W)
Server
nginx
Age
273151
Access-Control-Max-Age
3600
X-Ws-Request-Id
66717dda_PS-YUL-04m5h73_52584-421
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials
true
X-Px
ht PS-YUL-04m5h73YUL
Connection
keep-alive
X-SafeLine-Ray
SafeLine
Content-Length
2
sdk.js
connect.facebook.net/en_US/
3 KB
4 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5557a0b64252741832999343799211142c2c3cc5cb3d5a8808db8e2db3fd9442
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Jun 2024 12:30:18 GMT
content-md5
IH5FKfLgI3lqLHfbxpA5YA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1687
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=21, rtx=0, c=14, mss=1392, tbw=2772, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug
FZJj8iV/K4vO6zykYnki/5etIFGcRuzZkBoayumB9KaLx1TuCJPwizabn+cqxGjqNsgGBGE3Ht1eAB14vvasZw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
ed30b8163333505e2ed0f21bf8192926
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"5f6a15fa14a9771f4d231098c4a90a5d"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
expires
Tue, 18 Jun 2024 12:44:58 GMT
1698682086797012994.jpg
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
167 KB
168 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1698682086797012994.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
a5e41a9c93d0dd19da7c70c43a10e31f89696b5ed14115490dd9d2fee8f8b168
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA64BB29C3D593B67E
content-md5
Ft7JbdbGQrVAep5d2eyb+Q==
x-cache-status
MISS
content-disposition
attachment
rid
db0c81f8d624386dc15a4a3d83ec3659
content-length
171344
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 04 Sep 2023 12:59:08 GMT
server
gocache
etag
"16DEC96DD6C642B5407A9E5DD9EC9BF9"
vary
Origin
content-type
image/jpeg
x-oss-ec
0048-00000111
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4217788810037234391
x-oss-server-time
2
1802665199708950529.jpg
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
128 KB
128 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1802665199708950529.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
a113ca884d5fcda11ec0c3cecb9d21f4846a9aeb8cb3967a9e1afcb96ee630a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA678B8EB2BB3C5052
content-md5
RdTfxehHIX8AfvDyyUmdaw==
x-cache-status
MISS
content-disposition
attachment
rid
f2d9019dcd49e37f97136e3e3c90d150
content-length
130607
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 11:30:53 GMT
server
gocache
etag
"45D4DFC5E847217F007EF0F2C9499D6B"
vary
Origin
content-type
image/jpeg
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
10307784048598630596
x-oss-server-time
1
1728025400973451265.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
96 KB
97 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1728025400973451265.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
80e6f904090b4f2ace0eb221248ee25bdd5d8b0b185ab5651e9046fdcc2b9047
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA64BB29C3D593B682
content-md5
sKjLTb10KihieNA5lBGlxg==
x-cache-status
MISS
content-disposition
attachment
rid
60619513dd5d69df3e5afa93161b6635
content-length
98669
x-oss-object-type
Normal
c-type
pf
last-modified
Fri, 24 Nov 2023 12:18:58 GMT
server
gocache
etag
"B0A8CB4DBD742A286278D0399411A5C6"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
5365458057728906651
x-oss-server-time
2
1773237237499969538.jpg
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
235 KB
235 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1773237237499969538.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
85c5911d6770cf959980a3a19f0c7db26de0cb9b7a4a1f3801524c99a35436a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDAF6401B2D0132D9F3
content-md5
dYdR34GRl5dq9Bnp33Idkg==
x-cache-status
MISS
content-disposition
attachment
rid
53f553db37422e757c089b967bf8eba4
content-length
240268
x-oss-object-type
Normal
c-type
pf
last-modified
Thu, 28 Mar 2024 06:34:37 GMT
server
gocache
etag
"758751DF819197976AF419E9DF721D92"
vary
Origin
content-type
image/jpeg
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
453129350998193785
x-oss-server-time
1
1698693198965223425.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
143 KB
144 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1698693198965223425.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
7430f7c516c41e28390e8c5a84124204fd0b3bd8e917a9d026b768a901fe6ad3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDAFC4F3FAD0430F5B9
content-md5
MwXQKRnYdl6tFQfNkUzk2g==
x-cache-status
MISS
content-disposition
attachment
rid
8a0c1e5401dad97727ff7e68ea6d9446
content-length
146394
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 04 Sep 2023 13:43:17 GMT
server
gocache
etag
"3305D02919D8765EAD1507CD914CE4DA"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11027043696523151881
x-oss-server-time
1
1713884253570732033.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
114 KB
114 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1713884253570732033.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
a0c330369f6600cbe8805d9d9ce98f2ed10954f9bad71a493700f7581b7f6d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA3B220273BF3694FD
content-md5
AH8g+kX6dKbmC/fgus3m2w==
x-cache-status
MISS
content-disposition
attachment
rid
c6847f15fcc7421f4f2fdb0c9052c87d
content-length
116450
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 16 Oct 2023 11:47:07 GMT
server
gocache
etag
"007F20FA45FA74A6E60BF7E0BACDE6DB"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3397595861911701083
x-oss-server-time
1
1714219297259061250.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
120 KB
121 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1714219297259061250.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
9076cbc5869caac146a98c66b6e62c84dbbf7e8b4836bad7e520061fc57089ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA43CB4D5BAF3FF1C9
content-md5
FYXKyihtQxVMvS7I7b5d7Q==
x-cache-status
MISS
content-disposition
attachment
rid
3f63141671f96d86f6867d6a49651931
content-length
122713
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 17 Oct 2023 09:58:28 GMT
server
gocache
etag
"1585CACA286D43154CBD2EC8EDBE5DED"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4131854795625877077
x-oss-server-time
1
1777727145813614593.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
376 KB
377 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1777727145813614593.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
e47480be601754a5b869ac4445c709cb9f56d08aa0ef198ea67e8686553af977
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA68A37403AA376D86
content-md5
Jj30ixrFbF/mUxDNJCDHZg==
x-cache-status
MISS
content-disposition
attachment
rid
96a95adbf203e3e63e38366c44b5ad62
content-length
385416
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 09 Apr 2024 15:55:54 GMT
server
gocache
etag
"263DF48B1AC56C5FE65310CD2420C766"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
2067413930151984999
x-oss-server-time
1
1768966466346557442.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
90 KB
90 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1768966466346557442.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
87c62507bff29302a3ce4bdd54369de7cd675f9165876efc89ddde079da09f9e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA9EB6B211659461C0
content-md5
SxBzO10B3xZq3fRlf6Ukkw==
x-cache-status
MISS
content-disposition
attachment
rid
1687092c0f4b9e70d8c07816910bc824
content-length
91983
x-oss-object-type
Normal
c-type
pf
last-modified
Sat, 16 Mar 2024 11:44:06 GMT
server
gocache
etag
"4B10733B5D01DF166ADDF4657FA52493"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
7927752763359758193
x-oss-server-time
3
1697499002520678402.jpg
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
140 KB
141 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1697499002520678402.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
f4ee5aa9b7c0aa811181adebd4444ea595cbeea5bf4403fe6a7f36626c999031
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA0D92D941F7958213
content-md5
WhUqy6NNh1pzWfyA5X0jlg==
x-cache-status
MISS
content-disposition
attachment
rid
45faed00a04c72bbaaa075a6e66517f9
content-length
143832
x-oss-object-type
Normal
c-type
pf
last-modified
Fri, 01 Sep 2023 06:37:58 GMT
server
gocache
etag
"5A152ACBA34D875A7359FC80E57D2396"
vary
Origin
content-type
image/jpeg
x-oss-ec
0048-00000111
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
14511123511187123058
x-oss-server-time
2
1728028608815661058.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
96 KB
96 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1728028608815661058.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
1de73a220760453efe00ba9af03e9430910d8c5c3c82dce116cbdc817c7bf5fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA68A37403AA376D92
content-md5
0tj59zn6qSTaIBzNR2yniQ==
x-cache-status
MISS
content-disposition
attachment
rid
23133881293cfa0b4dc751803352c17a
content-length
98011
x-oss-object-type
Normal
c-type
pf
last-modified
Fri, 24 Nov 2023 12:31:43 GMT
server
gocache
etag
"D2D8F9F739FAA924DA201CCD476CA789"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
10172867866509360977
x-oss-server-time
2
webPushSdk.min.2.1.0.js
ysq5dvk35d.vsifmaufhn.xyz/libs/webPush@2.1.0/
100 KB
0
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/libs/webPush@2.1.0/webPushSdk.min.2.1.0.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
a69fa3ccd6ccc8b251dc3609f2c4a2c399e3f94f4583ad590db81c9622cc305d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DDAD14BBC3734ACA9CE
content-md5
LHKIIdWAqcpFnIhIzYtj4w==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:59 GMT
server
AliyunOSS
etag
"2C728821D580A9CA459C8848CD8B63E3"
x-ws-request-id
66717dda_PShlamstdAMS1ei13_22445-9715
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
8677893404008255392
x-oss-server-time
1
1696107070898147329.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
6 KB
7 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1696107070898147329.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
ec70e3657e7b2820c97322643dc9e3c3e6d957247a7e9dcd530b7ea483243e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA9EB6B21165946229
content-md5
1/QaqQ5hmJvNKw34H0ueNw==
x-cache-status
MISS
content-disposition
attachment
rid
9b209aaa4ea64af2a85b971efe0e0809
content-length
6464
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 28 Aug 2023 10:26:53 GMT
server
gocache
etag
"D7F41AA90E61989BCD2B0DF81F4B9E37"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4197521885149274579
x-oss-server-time
2
bg_pattern_tile2.png
xc06l2-878-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/173/common-0/common/
2 KB
2 KB
Image
General
Full URL
https://xc06l2-878-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/173/common-0/common/bg_pattern_tile2.png?manualVersion=1&version=e32ffcb436
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.96.19 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
97a73875181ca09c292cb2989503d4cf543e80e74a3e7f825b00e0fdfe94237a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 12:30:18 GMT
x-oss-request-id
66717DDA678B8EB2BB3C50AD
Content-MD5
d2Iyng7CUaiYIVmfqLwBNg==
Content-Disposition
attachment
Connection
keep-alive
Content-Length
1553
x-oss-object-type
Normal
Last-Modified
Mon, 17 Jun 2024 09:20:32 GMT
Server
AliyunOSS
ETag
"7762329E0EC251A89821599FA8BC0136"
Vary
Origin
Content-Type
image/png
x-oss-ec
0048-00000111
Cache-Control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
Accept-Ranges
bytes
x-oss-hash-crc64ecma
6519988049277960269
x-oss-server-time
3
h5_zs_jr3.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
44 B
0
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/h5_zs_jr3.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
7ee18766441fe9b689a58fe39c47fb865e545c83b247b4a24eb8965ba948fe79

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
x-oss-request-id
66717DDAFC4F3FAD0430F4DB
content-md5
wyh/SIcntmomXMwpK5NRqA==
x-cache-status
MISS
content-disposition
attachment
rid
f82c4a09bd2658005a9bf5d8681f0895
content-length
44
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:22:45 GMT
server
gocache
etag
"C3287F488727B66A265CCC292B9351A8"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
14949001379604372144
x-oss-server-time
1
icon_dt_pmd.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/1-0-common/web/home/
660 B
1 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/1-0-common/web/home/icon_dt_pmd.png?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
79273aa0fe5c98f6e79c6e58b8dff3c7135f099bc5925830ae0f924ca8da847c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA9EB6B21165946246
content-md5
eCod9HORWmGcJWUShuvkQw==
x-cache-status
MISS
content-disposition
attachment
rid
afa07b1045e3b3cf4ae40cb28678104a
content-length
660
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 07:45:04 GMT
server
gocache
etag
"782A1DF473915A619C25651286EBE443"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
14606254484637566941
x-oss-server-time
2
icon_dtfl_rm_1.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/
2 KB
0
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_rm_1.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
beb78d667055fdefa9a9e19a5dfdfb8abdda09d643e24db1daef79673a712222

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
x-oss-request-id
66717DDAF6401B2D0132D91A
content-md5
Rcnc18vTmPdSLGVGpaberQ==
x-cache-status
MISS
content-disposition
attachment
rid
e152fa35ef23d1dff3a8dd4c5220a2f6
content-length
2302
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 07:45:03 GMT
server
gocache
etag
"45C9DCD7CBD398F7522C6546A5A6DEAD"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3451730334228747403
x-oss-server-time
1
btn_zc1_1.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/1-0-8/web/common/
2 KB
0
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/1-0-8/web/common/btn_zc1_1.webp?manualVersion=1&version=v4.0.350
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
4878b7e55392b0b65d5f85057f93c9cf453ac78c1451378b21f0b61e0f199bf2

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
x-oss-request-id
66717DDA64BB29C3D593B5C0
content-md5
nSYKJhYYnX02me1jkWzVjw==
x-cache-status
MISS
content-disposition
attachment
rid
793923d402fffa77849a7e9296492aa0
content-length
1810
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 07:45:03 GMT
server
gocache
etag
"9D260A2616189D7D3699ED63916CD58F"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
17398995504771244698
x-oss-server-time
2
btn_zc1_2.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/1-0-8/web/common/
238 B
758 B
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/1-0-8/web/common/btn_zc1_2.webp?manualVersion=1&version=eb49f71d2d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
198ae223e75515a9383ed2cbb2a6c2d81422a07d85690095b37af0faba749b63
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA64BB29C3D593B708
content-md5
n2YToFtkhHgPrGsExnrEJQ==
x-cache-status
MISS
content-disposition
attachment
rid
4600dd8d6e8e124b6f2a363a8bf5972d
content-length
238
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 07:45:03 GMT
server
gocache
etag
"9F6613A05B6484780FAC6B04C67AC425"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11454526672141066999
x-oss-server-time
2
icon_dtfl_dz_1.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/
3 KB
3 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_dz_1.webp?manualVersion=1&version=4986151e69
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
673acff7c1de96eca6522bcd8f83b7d8484a4aec6c096b09a32ce102ec851568
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA43CB4D5BAF3FF25A
content-md5
BLcE2IkxP7m9/y0M8dWDTw==
x-cache-status
MISS
content-disposition
attachment
rid
c2d22fe3aa1e34362ff4e7629510f9c1
content-length
2716
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 07:45:03 GMT
server
gocache
etag
"04B704D889313FB9BDFF2D0CF1D5834F"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
2483379052426249027
x-oss-server-time
2
h5_zs_jr.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
4 KB
4 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/h5_zs_jr.webp?manualVersion=1&version=56d1ffd8a3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
dc7a5fbc58dec8a47a30ee12ff3f2c5b9c23ff6783ff74c4c405e8acedd37c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA68A37403AA376E19
content-md5
D62FwyQfOgL1wWMvvqDSrQ==
x-cache-status
MISS
content-disposition
attachment
rid
be91f6c313431e2330a8f75592d3a9ab
content-length
3862
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:22:45 GMT
server
gocache
etag
"0FAD85C3241F3A02F5C1632FBEA0D2AD"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11046972868453129980
x-oss-server-time
2
h5_zs_jr2.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
4 KB
4 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/h5_zs_jr2.webp?manualVersion=1&version=61e53fe259
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
c0f0656fc5f8cb722c9631746b13ac4c63527c5a7d66858135dc54d76a396d26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA9EB6B2116594626D
content-md5
cHZ4ucCkFJRPjPQFN/h85Q==
x-cache-status
MISS
content-disposition
attachment
rid
ccf2c71e061480dccab6d964bb4fcc32
content-length
3856
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:20:51 GMT
server
gocache
etag
"707678B9C0A414944F8CF40537F87CE5"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
5561362075979780982
x-oss-server-time
1
bg_pattern_tile.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common-0/common/
754 B
1 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common-0/common/bg_pattern_tile.webp?manualVersion=1&version=855c56c92b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
6e119572fe535553e39cd8b0ed9825fe1fa1a47926f28d57b84b4264329130b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA64BB29C3D593B73B
content-md5
qK6HHfcRpjfyEFAddA8nmg==
x-cache-status
MISS
content-disposition
attachment
rid
be0c29b0eab8b78c6732a76c5d1686af
content-length
754
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:21:37 GMT
server
gocache
etag
"A8AE871DF711A637F210501D740F279A"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11758940097739064659
x-oss-server-time
2
icon_btm_jr.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
8 KB
8 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/icon_btm_jr.webp?manualVersion=1&version=aec455cd5b
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
7998e3d893fbd2628857c94ad407c1c87141902698a734de0a01d2a03d186b25
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDAFC4F3FAD0430F67E
content-md5
i8addzKQZSQpwAkH+0axoQ==
x-cache-status
MISS
content-disposition
attachment
rid
aa0e22d1e7d9f6a93eba96ff9708796b
content-length
7818
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:23:16 GMT
server
gocache
etag
"8BC69D773290652429C00907FB46B1A1"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
786487344352315355
x-oss-server-time
1
icon_btm_jr3.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
46 B
564 B
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/icon_btm_jr3.webp?manualVersion=1&version=9e8b4abbf9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
22ea7f15509824e86aa0900e5d5f5301734214443ee2f415a6011b94f2bfa821
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA43CB4D5BAF3FF279
content-md5
HohA6ZwLkoRpfTEGlSvBiA==
x-cache-status
MISS
content-disposition
attachment
rid
d206766105172ce4dd392faeaace5762
content-length
46
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:21:36 GMT
server
gocache
etag
"1E8840E99C0B9284697D3106952BC188"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4974923758475718639
x-oss-server-time
3
icon_btm_jr2.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
7 KB
8 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/icon_btm_jr2.webp?manualVersion=1&version=88c988f1bf
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
7e0cd74b6dac966bb8ca087085ca83c998c4d770df860bbbcd601473d6b74fa8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA3B220273BF3695A6
content-md5
twxeNQZZ/3oi3CrbeaqlTA==
x-cache-status
MISS
content-disposition
attachment
rid
0e7613d17ceeaab709024c0d9a40e8e1
content-length
7550
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:20:31 GMT
server
gocache
etag
"B70C5E350659FF7A22DC2ADB79AAA54C"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
13334446142463239079
x-oss-server-time
1
btn_zc1_jr2.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
3 KB
4 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/btn_zc1_jr2.webp?manualVersion=1&version=1e70f96c1f
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
f963a40715a0d47a8c58a38c7f4b0836643b285043553055f5c08f8b769e17b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA678B8EB2BB3C5116
content-md5
VLTEEkshQlljKvV320r3Aw==
x-cache-status
MISS
content-disposition
attachment
rid
2683c9ed52933025cce63828adb7516f
content-length
3424
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:20:32 GMT
server
gocache
etag
"54B4C4124B214259632AF577DB4AF703"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
676472649283384505
x-oss-server-time
3
btn_zc1_jr.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/festival/173/common/common/
774 B
1 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/common/common/btn_zc1_jr.webp?manualVersion=1&version=0a1436df7d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
adb0d7cb42ccf1aa04887f00aa5f67bc8ac70b4ff75d5f745f51138ffc848938
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDA64BB29C3D593B73F
content-md5
g1ndwXEGG6p/gkwnPOL0Zg==
x-cache-status
MISS
content-disposition
attachment
rid
692372b9e4944134b8b12f9357850d0e
content-length
774
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 09:22:45 GMT
server
gocache
etag
"8359DDC171061BAA7F824C273CE2F466"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
10252923656715916705
x-oss-server-time
2
custom_CNY.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/p/878/L1/200/3/
28 KB
29 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/p/878/L1/200/3/custom_CNY.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
cf88740301a952a560832fbbde2178eac6d90271a45933aaa1fca28fc5f96f9f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDAFC4F3FAD0430F682
content-md5
+bFVihg4Wi3jp6jJK0pa3Q==
x-cache-status
MISS
content-disposition
attachment
rid
b7fd7ec671b72c70cc2454306f818d89
content-length
28897
x-oss-object-type
Normal
c-type
pf
last-modified
Fri, 07 Jun 2024 04:45:23 GMT
server
gocache
etag
"F9B1558A18385A2DE3A7A8C92B4A5ADD"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12003758416536955864
x-oss-server-time
1
truncated
/
7 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd77baf5c92b4d189707bc93e6eb78d6bbc43f24a13ff5ee90c84763e690229f

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/
19 KB
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
90e152337c4e1fc4485d5ee6d51aaf7f1287eb1561b86e6dcf678de7ea00bf20

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
comm_icon_gou.svg
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/common/web/common/
413 B
880 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/common/web/common/comm_icon_gou.svg?mode=mask&manualVersion=1&version=4b4877375a
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
4b4877375a7af765e2fa097e240b7051b28ca8133929ee7d44c49fedb8231591
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DDB0D92D941F79583B4
content-md5
RGnO11iVHKK2qu2jVLqKeA==
x-cache-status
MISS
content-disposition
attachment
rid
d1f28ea63f656f783cdb15275eb69a99
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 02:57:01 GMT
server
gocache
etag
W/"4469CED758951CA2B6AAEDA354BA8A78"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
max-age=86400
x-oss-force-download
true
content-type
image/svg+xml
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
16332130678314105
x-oss-server-time
2
e7e3eb36-ddda-4f8b-90ad-0f99ae36b9f3
https://ysq5dvk35d.vsifmaufhn.xyz/
288 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/e7e3eb36-ddda-4f8b-90ad-0f99ae36b9f3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fe1f60b152252ee3bdfd4f7de0fbd66631f87ac60c52cfb9dbb9e7e6c1553bfb

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
295258
Content-Type
image/png
custom_CNY.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/p/878/CL/hot/47/5/
73 KB
74 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/p/878/CL/hot/47/5/custom_CNY.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
57e5a5e759fdc4404e5c9e7252115d66f411437a3d011ff4757b884ac23a1794
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDBFC4F3FAD0430F778
content-md5
qJpTm8kNO0zopZOaz/jm9Q==
x-cache-status
MISS
content-disposition
attachment
rid
77b74717cfd2627b617001ebd608f887
content-length
75045
x-oss-object-type
Normal
c-type
pf
last-modified
Sat, 08 Jun 2024 05:59:55 GMT
server
gocache
etag
"A89A539BC90D3B4CE8A5939ACFF8E6F5"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
13881150018094235213
x-oss-server-time
2
btn_sc_off_2.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/common/web/home/
320 B
839 B
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/common/web/home/btn_sc_off_2.webp?manualVersion=1&version=abfbb0d8b0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
f6b867ccd9e2f07f6b63eeebfec8dea030de76d2bfbc8df28f2ae3be87ba98a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDB68A37403AA376F02
content-md5
nn5Le4nBIuuVAu2kDn/0Kg==
x-cache-status
MISS
content-disposition
attachment
rid
d9c7cca6c8ca62ceb856883d83387d94
content-length
320
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 02:56:55 GMT
server
gocache
etag
"9E7E4B7B89C122EB9502EDA40E7FF42A"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
5900798616740208116
x-oss-server-time
1
custom.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/878/CL/200/3/2000065/
79 KB
80 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/878/CL/200/3/2000065/custom.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
0f4ed427966b4bafb1b6f5e2ed6642be4dae9316d4cef326c5030219e6ddba4c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDB678B8EB2BB3C520C
content-md5
IvS7xoXpvMwmVrmbGo6laA==
x-cache-status
MISS
content-disposition
attachment
rid
a77a9529beca011a09ac7d5adfe3a4c7
content-length
81087
x-oss-object-type
Normal
c-type
pf
last-modified
Fri, 07 Jun 2024 06:59:43 GMT
server
gocache
etag
"22F4BBC685E9BCCC2656B99B1A8EA568"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
5345929833680526781
x-oss-server-time
1
custom.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/878/CL/200/3/2000074/
82 KB
83 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/878/CL/200/3/2000074/custom.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
6dfef18d214e1a7f08b81fd29016fc35ec1fa664216ac93e3521d2278cff13c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDB64BB29C3D593B82A
content-md5
OtdV/sbvRgjkybeYs0qkCg==
x-cache-status
MISS
content-disposition
attachment
rid
80aaf6f7660c564f2e4777f6cbb1176e
content-length
84387
x-oss-object-type
Normal
c-type
pf
last-modified
Fri, 07 Jun 2024 06:59:56 GMT
server
gocache
etag
"3AD755FEC6EF4608E4C9B798B34AA40A"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
9727172379998611516
x-oss-server-time
2
custom.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/878/CL/200/3/2000060/
74 KB
75 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/878/CL/200/3/2000060/custom.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
d3896a73b93fafcc8994646aeb1191ea8486a4700150daf661069d6daae97665
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDB43CB4D5BAF3FF362
content-md5
JPtWiTkteNRjnJMwyl8whQ==
x-cache-status
MISS
content-disposition
attachment
rid
48cce76c9576d4f9f1e5340b97d10161
content-length
76029
x-oss-object-type
Normal
c-type
pf
last-modified
Fri, 07 Jun 2024 06:59:31 GMT
server
gocache
etag
"24FB5689392D78D4639C9330CA5F3085"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
11561065513294400271
x-oss-server-time
8
default.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/CL/200/3/2000087/
76 KB
76 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/CL/200/3/2000087/default.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
97d9f60a8d889c9f037bd0fda882f76bd316aa4a9b53918457d5ebab43a02394
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDB3B220273BF369699
content-md5
YbIgh/VxVqC/k8xrdX5AjA==
x-cache-status
MISS
content-disposition
attachment
rid
69e8c238ffed9954e617e40868f96b32
content-length
77638
x-oss-object-type
Normal
c-type
pf
last-modified
Sun, 09 Jun 2024 14:05:22 GMT
server
gocache
etag
"61B22087F57156A0BF93CC6B757E408C"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
10895355113399610780
x-oss-server-time
1
default.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/CL/200/3/2000083/
64 KB
65 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/CL/200/3/2000083/default.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
ba48efd392bbdaa7ab38f4b6682f62828034d1cfadb14d02cf24d8ad044c053c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDB64BB29C3D593B82C
content-md5
fgseKm6LG8MwwHDC5zLf6Q==
x-cache-status
MISS
content-disposition
attachment
rid
3c21dfc13b70c2ae1e7d4bf82c16f4f4
content-length
65520
x-oss-object-type
Normal
c-type
pf
last-modified
Sun, 09 Jun 2024 14:05:22 GMT
server
gocache
etag
"7E0B1E2A6E8B1BC330C070C2E732DFE9"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3351754073286370432
x-oss-server-time
1
default.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/CL/13/11/5001/
49 KB
50 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/CL/13/11/5001/default.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
d5015baf7055716490150e84cef43cc4bc00d175a17e835148b7a68cbb4015db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDBFC4F3FAD0430F786
content-md5
3jvW1HEFEVhxRIyPNOgsBA==
x-cache-status
MISS
content-disposition
attachment
rid
4744487464992c747791665d960ac49c
content-length
50486
x-oss-object-type
Normal
c-type
pf
last-modified
Wed, 29 May 2024 02:55:36 GMT
server
gocache
etag
"DE3BD6D47105115871448C8F34E82C04"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
12080492008400252084
x-oss-server-time
6
default.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/CL/206/2/2060003/
75 KB
75 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/CL/206/2/2060003/default.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
25cb1e75b02f7c9852a8528f7cca2b617cb9cc78c0da8f6f93297b529be58f28
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDB9EB6B21165946374
content-md5
IjFm0Xl4DUmarPoLrUt6Cw==
x-cache-status
MISS
content-disposition
attachment
rid
8835602c5f7fa1499dd9cc795187019e
content-length
76589
x-oss-object-type
Normal
c-type
pf
last-modified
Wed, 29 May 2024 03:01:09 GMT
server
gocache
etag
"223166D179780D499AACFA0BAD4B7A0B"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
14591541610810577063
x-oss-server-time
2
custom_CNY.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/p/878/CL/hot/2/1/
22 KB
22 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/p/878/CL/hot/2/1/custom_CNY.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
38a0bc776de4147401d1c613b5ad0be394443decf7b45775f98dd9aba7eec491
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDBF6401B2D0132DBBA
content-md5
6mWsti7sB2PCKaDVOexyMA==
x-cache-status
MISS
content-disposition
attachment
rid
2f16b73893a9c70e6013c378bcbf0ab6
content-length
22180
x-oss-object-type
Normal
c-type
pf
last-modified
Fri, 07 Jun 2024 04:45:23 GMT
server
gocache
etag
"EA65ACB62EEC0763C229A0D539EC7230"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
9208167025436206496
x-oss-server-time
1
default.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/CL/2/1/830/
75 KB
76 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/CL/2/1/830/default.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
aa19fbd37d1336727d9c73db4d8f87a03584594b6f2b8438fe7d49313d8c5d48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDB0D92D941F79583F6
content-md5
hcf53OufQulnRjuB5bDaAQ==
x-cache-status
MISS
content-disposition
attachment
rid
0bfd96f6efe5bc2b43bd9460346abc9c
content-length
77018
x-oss-object-type
Normal
c-type
pf
last-modified
Wed, 29 May 2024 03:04:43 GMT
server
gocache
etag
"85C7F9DCEB9F42E967463B81E5B0DA01"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
18229525431750566459
x-oss-server-time
3
default.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/CL/2/1/890/
77 KB
78 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/CL/2/1/890/default.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
5ad921d2cf6c1ee18824c4264a5f5cfe2fac6b7ca92df06204b5f07944355beb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDB68A37403AA376F1F
content-md5
0h6559swVp4H5y918sWJ4Q==
x-cache-status
MISS
content-disposition
attachment
rid
07a7a7a043213e5b56267ccc20b43c4f
content-length
78902
x-oss-object-type
Normal
c-type
pf
last-modified
Wed, 29 May 2024 03:05:39 GMT
server
gocache
etag
"D21EB9E7DB30569E07E72F75F2C589E1"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
14941336092157411609
x-oss-server-time
1
default.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/CL/7/3/70507/
66 KB
66 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/CL/7/3/70507/default.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
83d8490cc53f596458bec782e20ba778a0b8c5d206d9f2dca3fa9da47a17081d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDBFC4F3FAD0430F798
content-md5
vhTuDtSdBCc8AxLQuc0QLg==
x-cache-status
MISS
content-disposition
attachment
rid
7b1e778c39aa406ac43ac97b8da36e2f
content-length
67217
x-oss-object-type
Normal
c-type
pf
last-modified
Wed, 29 May 2024 02:37:51 GMT
server
gocache
etag
"BE14EE0ED49D04273C0312D0B9CD102E"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3559407772126559715
x-oss-server-time
2
default.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/CL/7/3/70139/
78 KB
78 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/CL/7/3/70139/default.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
0d23d1d3e0878a5b2ae6ec3e04960b299862a1e2d5ef359ae51d4286e294fa41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDB64BB29C3D593B83D
content-md5
N2KjmOta2CZlMGFOvLWxNA==
x-cache-status
MISS
content-disposition
attachment
rid
7babbc3c8e16e1151b7db18eedb6c895
content-length
79748
x-oss-object-type
Normal
c-type
pf
last-modified
Wed, 29 May 2024 02:37:31 GMT
server
gocache
etag
"3762A398EB5AD8266530614EBCB5B134"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3618009260827824185
x-oss-server-time
2
default.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/CL/7/3/70204/
77 KB
77 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/CL/7/3/70204/default.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
cb4dfbcb67742413d8541c3e8572e52f3bbf69a1618857e6da9460a7aaf4d1b6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDB43CB4D5BAF3FF379
content-md5
4qKXISE5LBM7+F3puZ3RtQ==
x-cache-status
MISS
content-disposition
attachment
rid
5b5272fc7f7241ae4e2aeb65b4eb6de2
content-length
78756
x-oss-object-type
Normal
c-type
pf
last-modified
Wed, 29 May 2024 02:37:22 GMT
server
gocache
etag
"E2A2972121392C133BF85DE9B99DD1B5"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
8437411480003137487
x-oss-server-time
1
default.png
u9ynnpy3yb.dfi462194mt2.top/game_pictures/g/CL/7/3/70203/
79 KB
80 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/game_pictures/g/CL/7/3/70203/default.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
58c1f0003da0f150656436383d15b54c770b7092bb17d282c67897fbecb21415
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDBEDBE26E340499735
content-md5
0CvZyRwzougLi+9cjr4gOg==
x-cache-status
MISS
content-disposition
attachment
rid
dbeeb351853dac8b134d26f3401b8275
content-length
81217
x-oss-object-type
Normal
c-type
pf
last-modified
Wed, 29 May 2024 02:37:32 GMT
server
gocache
etag
"D02BD9C91C33A2E80B8BEF5C8EBE203A"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
15663863065488904515
x-oss-server-time
1
8325.672ba7471721aec62ba0.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
7 KB
0
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/8325.672ba7471721aec62ba0.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
b31400b92b43fdecb3da3189faec45089551743cf463580d058b517bc7356c45

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DDBD14BBC323061B0CE
content-md5
ErqHoZrJNfY6fi/XHeDXwQ==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"12BA87A19AC935F63A7E2FD71DE0D7C1"
x-ws-request-id
66717ddb_PShlamstdAMS1ei13_22445-9742
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
1706046265055939337
x-oss-server-time
5
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/promote/config/agentMode/language/
152 B
776 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/promote/config/agentMode/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
2831f812850d2a87178a49c6df05c662cd0aa887be19cf7fe846f20f3bc7d865
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:19 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DDBEDBE26E3404997FB
content-md5
9F82R47YN2TjqklQ815fBA==
x-cache-status
MISS
content-disposition
attachment
rid
469cd882c651c1d7333d2dc0eec7235e
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 10 Jun 2024 11:29:00 GMT
server
gocache
etag
W/"F45F36478ED83764E3AA4950F35E5F04"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
17804240764638405829
x-oss-server-time
1
c8a4d867-b195-41a4-bc45-ea93f7a5d926
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/c8a4d867-b195-41a4-bc45-ea93f7a5d926
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
48b3f7a9c02bbb2238cd7d84a9a04d694906acb38e7be1300d5fc41f409ef11f

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
6724
Content-Type
image/png
70508d79-f2b4-448d-b380-6cabbebeede4
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/70508d79-f2b4-448d-b380-6cabbebeede4
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
576bccf45d5bc1e29be69a49fd9dabad8bc9ea14448a0887a24d1e1c7b000ca0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
6930
Content-Type
image/png
3207eae2-cbe9-4d25-8395-335af2382802
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/3207eae2-cbe9-4d25-8395-335af2382802
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66b4b159a776b9b800d5b88489756736d580b555d5ace5fe94cf9d7597ec2896

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
7202
Content-Type
image/png
eaddd29e-d5f6-4e87-8ecd-27d37f664e6e
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/eaddd29e-d5f6-4e87-8ecd-27d37f664e6e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2db71c8080e6eb4c64df2538e49150a48dc47ce33bcf09116178e78838886f6b

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
7361
Content-Type
image/png
b69cb0a1-223a-449c-929c-32d70aa3ce75
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/b69cb0a1-223a-449c-929c-32d70aa3ce75
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d91f2866c49bddc3f9e6d24d02d44c489fbdbb9a5880ecc52aa9e345bfda1fb9

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
7417
Content-Type
image/png
c181398b-9cd0-4338-9f4f-a4c665202e62
https://ysq5dvk35d.vsifmaufhn.xyz/
8 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/c181398b-9cd0-4338-9f4f-a4c665202e62
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0fcd02c22d90259f16d72f47bca26156b9e141919cbc36cea8218327177703a7

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
8596
Content-Type
image/png
cf7110d0-6b8b-4f64-8283-03f8fa687dd6
https://ysq5dvk35d.vsifmaufhn.xyz/
10 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/cf7110d0-6b8b-4f64-8283-03f8fa687dd6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aade883a8048954f47b5053db7dc9e6c301306547d0f192571a7c949462a3a36

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
10041
Content-Type
image/png
f0f6b600-b6b2-4e19-a56f-7451d285578f
https://ysq5dvk35d.vsifmaufhn.xyz/
10 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/f0f6b600-b6b2-4e19-a56f-7451d285578f
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d3f344a93a14cb048f339cf317eb9fdef1c1d17c21ccdaf4ff57d902146fca1

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
10530
Content-Type
image/png
b6f410b8-2810-44f5-9d8d-4826be681b51
https://ysq5dvk35d.vsifmaufhn.xyz/
10 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/b6f410b8-2810-44f5-9d8d-4826be681b51
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2cb1fc918ed2484fbdc4132a54da322a3130012bfcee80818b16faccede6da38

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
10445
Content-Type
image/png
624bf3fe-e937-4647-aa9a-8421bbd3d44c
https://ysq5dvk35d.vsifmaufhn.xyz/
10 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/624bf3fe-e937-4647-aa9a-8421bbd3d44c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2df190903c5d0e92c2d24a9254bfb27ee1dbde790b4eaf7e3dbf8f7f3f83adb

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
10214
Content-Type
image/png
7e6f68e2-496f-4ae6-9db8-0ba740283145
https://ysq5dvk35d.vsifmaufhn.xyz/
10 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/7e6f68e2-496f-4ae6-9db8-0ba740283145
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0bb5c53e3ff477fa980a9d39742e11c63908456482d09538e5e1d9bea8e95903

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
10143
Content-Type
image/png
2228d407-1b59-42ba-8a99-bc952a7df80e
https://ysq5dvk35d.vsifmaufhn.xyz/
10 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/2228d407-1b59-42ba-8a99-bc952a7df80e
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
69d0367e67d90a41c3a54cb3abc90e0d9288fd21d81473eb4892cc708da585a4

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
9982
Content-Type
image/png
65fd8a68-6cfe-40f8-b23b-16e1d2daf813
https://ysq5dvk35d.vsifmaufhn.xyz/
10 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/65fd8a68-6cfe-40f8-b23b-16e1d2daf813
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b275e365f61b3f9fdcb13e56aa177cf319f27887761bb8e4e1878d76f61c9ef7

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
9828
Content-Type
image/png
8a9ecfea-e3b4-4b10-a715-f224cb505051
https://ysq5dvk35d.vsifmaufhn.xyz/
10 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/8a9ecfea-e3b4-4b10-a715-f224cb505051
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
88b1f8b6b4860297ab7d26ab7ac51f9056a3de6f02b01d77a57b5e606095cfa1

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
9892
Content-Type
image/png
4350e903-9318-43db-b695-09470c7dbfec
https://ysq5dvk35d.vsifmaufhn.xyz/
9 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/4350e903-9318-43db-b695-09470c7dbfec
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a46b9baf209ce0165351bdb1571e4f43e0326038e90332f49c3928a2b0508649

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
9603
Content-Type
image/png
be045924-f15e-4415-aa64-e1de4632ee17
https://ysq5dvk35d.vsifmaufhn.xyz/
9 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/be045924-f15e-4415-aa64-e1de4632ee17
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
77908f613c39ae633fa247a44b1d51acf1b95197365c7f141099cd73e490d452

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
9396
Content-Type
image/png
ea4d4874-cf3d-4767-b62c-8da3f363fdc2
https://ysq5dvk35d.vsifmaufhn.xyz/
9 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/ea4d4874-cf3d-4767-b62c-8da3f363fdc2
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4a9836893abe4bf575847cddde691dcb8ea9e8de3f1cd65ec0d4c66f8f524c3b

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
9167
Content-Type
image/png
665f27c3-7b0a-4995-82c6-5d9c96269867
https://ysq5dvk35d.vsifmaufhn.xyz/
9 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/665f27c3-7b0a-4995-82c6-5d9c96269867
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d4c9767ac979d9e9cd9aa41fede68fc4fc36608bb5f2ff3d95de5f886ce912a0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
8827
Content-Type
image/png
76c930c7-0377-4442-9886-4af8140dc926
https://ysq5dvk35d.vsifmaufhn.xyz/
9 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/76c930c7-0377-4442-9886-4af8140dc926
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5183cb717b1205f97ff09c894041114a2350b4b4f4745023326eb4eb7bfa0db0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
8853
Content-Type
image/png
d01bed3b-dd8f-4adc-9c7e-63a2a8ca181c
https://ysq5dvk35d.vsifmaufhn.xyz/
8 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/d01bed3b-dd8f-4adc-9c7e-63a2a8ca181c
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d8e9a60d595d08b151190d9b2da86bebe17f0f4e43318e329b45dd141d5d9ef

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
8636
Content-Type
image/png
f769ea36-b929-4530-acb2-8ef1f78af985
https://ysq5dvk35d.vsifmaufhn.xyz/
8 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/f769ea36-b929-4530-acb2-8ef1f78af985
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3897055151c26aa7855011682ca69c926458d5dbd8169d1e4880fd5ce1de920e

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
8261
Content-Type
image/png
d8cea463-3b6b-48ff-814c-6a6d86702bec
https://ysq5dvk35d.vsifmaufhn.xyz/
8 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/d8cea463-3b6b-48ff-814c-6a6d86702bec
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b55fc4afecd236e27f772a7cbe0105c4e4568acbb118c2a8b65bedf59742e78

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
8090
Content-Type
image/png
8465f915-f3dd-4363-ba43-ff946028cc77
https://ysq5dvk35d.vsifmaufhn.xyz/
8 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/8465f915-f3dd-4363-ba43-ff946028cc77
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b899e2f447ba58f102897f23fe814d9bde8b9b00f320c8d5f0ead7e86cb5f4ca

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
7861
Content-Type
image/png
f48ac1be-edbf-4b00-a643-2442abb64cae
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/f48ac1be-edbf-4b00-a643-2442abb64cae
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ebdeed5b461dfec8559d3bc9bc6ff73d0eb134189e13a63135a15696ae373559

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
7271
Content-Type
image/png
eeb0b37c-3b82-4d09-abde-1e8af4f0c7c5
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/eeb0b37c-3b82-4d09-abde-1e8af4f0c7c5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
46472380403ed98e39e3c1002c431bfc9bb9187d1ed7bf75834a4f087120f17d

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
7172
Content-Type
image/png
8d177548-3855-4bed-9ced-8297275111e5
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/8d177548-3855-4bed-9ced-8297275111e5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ba093fe96862f9b9013edd7c3147d5f5b77e40107edca431fe29d6b40ad57912

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
7003
Content-Type
image/png
99fb07fc-d9bc-4461-bdfc-8dc04614ba12
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/99fb07fc-d9bc-4461-bdfc-8dc04614ba12
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4e8d31fac40f4b79b02267a71f5cd287766b7edeebad565badacb17b7a63ba2c

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
6970
Content-Type
image/png
c1431d8c-b10f-44f3-90e6-6c9b30186f26
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/c1431d8c-b10f-44f3-90e6-6c9b30186f26
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
535b1b4683a5bb0b95244e2e890bfe94dd5f6af1848948a309fda48877a35a0c

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
6929
Content-Type
image/png
64e3d119-a3ac-462f-b133-a72f3e730fab
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/64e3d119-a3ac-462f-b133-a72f3e730fab
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60b234201611fe2e41c22cfabe6d9a6e6fcbbaeb411f1c88e2e0830dabeac6a4

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
6868
Content-Type
image/png
422ac030-d29e-43d7-9bd9-52c474dd609d
https://ysq5dvk35d.vsifmaufhn.xyz/
7 KB
0
Image
General
Full URL
blob:https://ysq5dvk35d.vsifmaufhn.xyz/422ac030-d29e-43d7-9bd9-52c474dd609d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67acab4aa9dabf9afba7ca8fca5852f6a92eaefc8ce6ed4c33002e4a80cc7902

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length
6845
Content-Type
image/png
sdk.js
connect.facebook.net/en_US/
299 KB
86 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=937e71b7b3f1cb8c9df780c53701772b
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f003:100:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
4f6c1a203f13451f8b17529be6ad95d805f7d7d5aa31834582222e74709781da
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Origin
https://ysq5dvk35d.vsifmaufhn.xyz
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 18 Jun 2024 12:30:19 GMT
content-md5
wFYrV0PtSE9ARmLtKmm+Jw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87600
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=114, rtx=0, c=24, mss=1232, tbw=10534, tp=15, tpl=0, uplat=0, ullat=-1
x-fb-debug
+UHhtGtGQ3srILb4709295k89cZV2aDSy1jMj0+hFlG8IlpUhbKwBgkbK4a3558xMrzwfHTEkW4oxf3JlqEM9Q==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
50bd034da65d60ab6d4845688999ce00
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
etag
"1375cf7e86e47acf32e665de6bc87656"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Wed, 18 Jun 2025 11:24:49 GMT
auth
conn.webpush.theengagelab.com/v1/
127 B
262 B
Fetch
General
Full URL
https://conn.webpush.theengagelab.com/v1/auth?user_str=undefined&appkey=0b9548321a0e456926a250d3&is_temporary=n
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/libs/webPush@2.1.0/webPushSdk.min.2.1.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
114.119.189.26 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS
ecs-114-119-189-26.compute.hwclouds-dns.com
Software
elb /
Resource Hash
0222e74298dc1ef7b374aece73655719f6c72f322bfd80c1860e38faebb76af0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-origin
https://ysq5dvk35d.vsifmaufhn.xyz
date
Tue, 18 Jun 2024 12:30:20 GMT
server
elb
content-length
127
content-type
text/plain; charset=utf8
sprite.svg
xc06l2-878-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/173/1-0/
424 B
837 B
XHR
General
Full URL
https://xc06l2-878-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/173/1-0/sprite.svg?manualVersion=1&version=v4.0.350
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.96.19 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
f00fbb64cb2a001550e7845be98b2baae870a912f9f2a3100688c6d114d2f3a8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 12:30:20 GMT
x-oss-request-id
66717DDCFC4F3FAD0430F9FB
Server
AliyunOSS
Vary
Origin
Access-Control-Allow-Methods
GET, POST, HEAD, PUT
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Etag
Access-Control-Max-Age
200
x-oss-ec
0026-00000001
Connection
keep-alive
Content-Length
424
x-oss-server-time
1
maintain-time.json
xc06l2-878-ppp.oss-accelerate.aliyuncs.com/cocos/
394 B
807 B
XHR
General
Full URL
https://xc06l2-878-ppp.oss-accelerate.aliyuncs.com/cocos/maintain-time.json?timestamp=1718713819658
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
47.252.96.19 , United States, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
eafbd454eb5b992b9f2857da1e4a8f3f42f5cab2923b36451e92f9e9fe13b6d8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 12:30:20 GMT
x-oss-request-id
66717DDC0D92D941F795864A
Server
AliyunOSS
Vary
Origin
Access-Control-Allow-Methods
GET, POST, HEAD, PUT
Content-Type
application/xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Etag
Access-Control-Max-Age
200
x-oss-ec
0026-00000001
Connection
keep-alive
Content-Length
394
x-oss-server-time
2
loader_v3.8.1.js
fpnpmcdn.net/v3/cIMrDd2qJKZFByajXD7O/
496 B
1013 B
Script
General
Full URL
https://fpnpmcdn.net/v3/cIMrDd2qJKZFByajXD7O/loader_v3.8.1.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/8325.672ba7471721aec62ba0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-93.yul62.r.cloudfront.net
Software
CloudFront /
Resource Hash
3c6e87d91913ef1bdf80ef25f55e2d1a84661e5613029f5b608005591ebff569
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
date
Fri, 14 Jun 2024 11:11:02 GMT
x-content-type-options
nosniff
via
1.1 9d44e85808045d940d36e8cfb772edae.cloudfront.net (CloudFront)
x-amz-cf-pop
YUL62-C2
age
350389
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
496
server
CloudFront
etag
"dFzXjqUN7+MWD1KjgdZmSJlXDUI"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3768, s-maxage=613929
timing-allow-origin
*
x-amz-cf-id
gcyfcGrHLN78XjVa0h08v3ff45bmIuqJk3pMqc9qIXwMNx87UBJ39A==
ipCheck
mheb5zoder.n8yudyplqd7r.top/hall/
233 B
563 B
XHR
General
Full URL
https://mheb5zoder.n8yudyplqd7r.top:9010/hall/ipCheck?siteCode=878&currency=CNY&language=zh&platformType=5
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
edd2d576431e1e2488bbe5b5b14f7bf4f78f83e458ad7a16bb89d5f53fd30043
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

deviceModel
Chrome126.0.0.0
x-version
4.0.350
devicetype
3
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
nonce
2c0f4d6d-e469-4aee-8a50-f8d1acc61cc3
isWgPackage
false
language
zh
accept-language
zh
isSpeedPackae
false
device
7228edf1-64e9-44b1-940b-1990a08d5aa2
x-request-id
2c0f4d6d-e469-4aee-8a50-f8d1acc61cc3
sign
SeqXDOOH6j59o6Bew8PJbxBVm7NM0IotqUS+La88gLoYzccVWye0nDjA9K3YLsFD
sec-ch-ua-platform
"Win32"
isVest
false
currency
CNY
platformType
5
domain
ysq5dvk35d.vsifmaufhn.xyz
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id
{"uid":"","browserLanguage":"en-CA","om":true,"init":{"created":1718713815999,"version":1718675909000}}
auth
undefined
x-custom-referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept
application/json, text/plain, */*
timestamp
1718713820
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
siteCode
878
newJwt
token
clienttimezone
UTC-7
browserfingerid

Response headers

date
Tue, 18 Jun 2024 12:30:20 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-env-go-biz-gateway
0
x-cache-status
MISS
rid
8d6594cf0326a14bff8276535ec836f2
x-safeline-ray
SafeLine
x-trace-id
2f85f29d3a311369
c-type
pf
server
gocache
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/json; charset=UTF-8
access-control-max-age
3600
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
x-server-version
4.0.0
ipCheck
mheb5zoder.n8yudyplqd7r.top/hall/
0
0
Preflight
General
Full URL
https://mheb5zoder.n8yudyplqd7r.top:9010/hall/ipCheck?siteCode=878&currency=CNY&language=zh&platformType=5
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method
GET
Origin
https://ysq5dvk35d.vsifmaufhn.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
access-control-allow-methods
*
access-control-allow-origin
*
access-control-max-age
3600
c-type
pf
content-length
0
content-type
application/octet-stream
date
Tue, 18 Jun 2024 12:30:20 GMT
rid
a19d02b555d0d3384bc7a59d0adbb994
server
gocache
strict-transport-security
max-age=31536000; includeSubDomains
x-safeline-ray
SafeLine
1014.c91479027af1a39ff805.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
68 KB
0
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/1014.c91479027af1a39ff805.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
1c8223c50eaa71654a61d36c36770bdc1facc41b9095360b620f90a4dc7dd0e0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:21 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DDD8A23F730336241F2
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
JTajUtDIm/PPupwR7gKeAg==
x-ws-request-id
66717ddd_PShlamstdAMS1ei13_22445-9789
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
10109345155772341872
x-oss-server-time
4
1014.5020be14f1c55a24b5e7.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
100 KB
0
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/1014.5020be14f1c55a24b5e7.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
0a5573f72522d7018a917c4489f6bfcf2d06111c2ff62dded828e2f016445935

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:21 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DDDF27FBE3632EAA22D
content-md5
oHjzl61DwtowUx73a22Jkw==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"A078F397AD43C2DA30531EF76B6D8993"
x-ws-request-id
66717ddd_PShlamstdAMS1ei13_22445-9790
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
2965340256998334498
x-oss-server-time
6
5.json
u9ynnpy3yb.dfi462194mt2.top/hall/system/status/currency/CNY/language/zh/osType/4/platformType/
17 KB
571 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/system/status/currency/CNY/language/zh/osType/4/platformType/5.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
6fd76bc75fdd06ef2102446f20ec3394959f64d21b338ba2b1c924bdfe44e58e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
x-oss-request-id
66717DD943CB4D5BAF3FF00E
content-md5
VvzsX9s2CvBHYLf0Qj1KlA==
x-cache-status
HIT
content-disposition
attachment
rid
485659a5fad1b59327cb9322e8e34c50
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 05:45:30 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=60,max-age=0,public
x-oss-force-download
true
x-oss-ec
0048-00000111
x-oss-storage-class
Standard
content-type
application/json
x-oss-hash-crc64ecma
9831142040923731309
x-oss-server-time
1
gt.js
ysq5dvk35d.vsifmaufhn.xyz/libs/gt@5/
5 KB
0
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/libs/gt@5/gt.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c54e8eef343ddf228ab711c9f924df5197906aa4c3a7a856cf59017da10d2472

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:22 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DDD4C8B37333261EEA3
content-md5
seGtbRmWkcsA5RP74x0t+Q==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:59 GMT
server
AliyunOSS
etag
"B1E1AD6D199691CB00E513FBE31D2DF9"
x-ws-request-id
66717ddd_PShlamstdAMS1ei13_22445-9807
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
2145963118752755642
x-oss-server-time
3
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/home/smsCountry/currency/CNY/language/
5 KB
4 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/home/smsCountry/currency/CNY/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
40857b72da4d57f3c3e3638b2f7e5089489468788a4fb44fe827617dc722b085
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:21 GMT
content-encoding
gzip
x-oss-request-id
66717DDDEDBE26E340499D68
content-md5
QwEVa60tufb68VZAk+/YbQ==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
80198823786e7909b763affff9f6ea22
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 05:44:00 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
6193464030530611273
x-oss-server-time
2
default.json
u9ynnpy3yb.dfi462194mt2.top/hall/activetask/newcomer_benefit_reward/
108 B
742 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/activetask/newcomer_benefit_reward/default.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
0af4fe8a47920bfe6ab607d1120a6e67a54a205fd50b10075f2fe1f3389c931e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DDDEDBE26E340499D9A
content-md5
NH0GAUKdPHw8YidM/NjYYg==
x-cache-status
MISS
content-disposition
attachment
rid
c7f4625d06cb64ef1f986307a13af6c7
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 10 Jun 2024 11:29:00 GMT
server
gocache
etag
W/"347D0601429D3C7C3C62274CFCD8D862"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
9983078535620052972
x-oss-server-time
2
domain
119.31.254.30/hall/promote/pointer/
0
0
Preflight
General
Full URL
https://119.31.254.30/hall/promote/pointer/domain
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
119.31.254.30 Tokyo, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auth,browserfingerid,clienttimezone,content-type,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method
POST
Origin
https://ysq5dvk35d.vsifmaufhn.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
auth,browserfingerid,clienttimezone,content-type,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Tue, 18 Jun 2024 12:30:22 GMT
Server
nginx
Via
1.1 PSxjpSin5ll149:1 (W), 1.1 PS-YUL-04m5h73:9 (W)
X-Px
ms PS-YUL-04m5h73YUL,ms PSxjpSin5ll149SIN(origin)
X-SafeLine-Ray
SafeLine
X-Ws-Request-Id
66717ddd_PS-YUL-04m5h73_52584-423
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/activetask/pop_newcomerBenefit/currency/CNY/language/
896 B
1 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/activetask/pop_newcomerBenefit/currency/CNY/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
d8307119f24e5c07fae80cb8e736ecd818f02602c8dfb09b5aae8a5c8c1cc37e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DDD64BB29C3D593BF2A
content-md5
m2AfdiMncQkJ9BLwyHfx0g==
x-cache-status
MISS
content-disposition
attachment
rid
d8fc5bf6734e75f27ff9f4498e623566
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 10 Jun 2024 11:29:00 GMT
server
gocache
etag
W/"9B601F762327710909F412F0C877F1D2"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
9538216881465925728
x-oss-server-time
3
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/activetask/pop_taskDay/currency/CNY/language/
1 KB
2 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/activetask/pop_taskDay/currency/CNY/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
72ab0d980ba12876ea63de0e925994e748d0bc66d5d0073dfb95ba5b0a80b545
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:21 GMT
content-encoding
gzip
x-oss-request-id
66717DDD43CB4D5BAF3FFA31
content-md5
Iql4MbGuEvB20vvH9/sqFw==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
c16e138c108ffd5aed349dfbd3c12524
x-oss-object-type
Normal
c-type
pf
last-modified
Thu, 13 Jun 2024 14:24:30 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
11360709205951114378
x-oss-server-time
2
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/activetask/pop_taskWeek/currency/CNY/language/
172 B
791 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/activetask/pop_taskWeek/currency/CNY/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
f9dad05895bc5a1cb647be97cfa146519ab69d9fb60997d0bfae81f70b233326
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DDDFC4F3FAD0430FEB5
content-md5
etcn/YLXFTdwA5120q0Bmg==
x-cache-status
MISS
content-disposition
attachment
rid
fba9978b648e818d7dcea91ad2351036
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 10 Jun 2024 11:29:00 GMT
server
gocache
etag
W/"7AD727FD82D7153770039D76D2AD019A"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
4531360533872090249
x-oss-server-time
1
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/activetask/pop_taskThreeDay/currency/CNY/language/
172 B
794 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/activetask/pop_taskThreeDay/currency/CNY/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
bca8819325109d147522d140e13a1c89ab2bf6a647188113d95819493546f8f8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DDD0D92D941F7958A6E
content-md5
PlFvjc2pvtyZSHS/i9Jadw==
x-cache-status
MISS
content-disposition
attachment
rid
a3752be99e7ae7329f83de7559e47419
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 17 Jun 2024 16:23:32 GMT
server
gocache
etag
W/"3E516F8DCDA9BEDC994874BF8BD25A77"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
18148792602833800583
x-oss-server-time
3
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/customer/staffallv3/currency/CNY/language/
4 KB
4 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/customer/staffallv3/currency/CNY/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
7efb1a9a98656670abcf38800ecbcd44cf9d9ba103a763353412a0fe5974f357
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:21 GMT
content-encoding
gzip
x-oss-request-id
66717DDD68A37403AA3775F1
content-md5
eoB2POSeFEDfUA+md6f16w==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
c356b78a824c7e1e4bddbdda6194ac34
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 08:10:00 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=60,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
6967027476859472796
x-oss-server-time
1
CNY.json
u9ynnpy3yb.dfi462194mt2.top/hall/message/popupcfg/currency/
64 B
707 B
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/message/popupcfg/currency/CNY.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
bc424bc2e1491d9a1365bed369b38b7745c38cb1e9d488ca5ae374fcb5d188f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:21 GMT
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
br
x-oss-request-id
66717DDDFC4F3FAD0430FEB6
content-md5
+Pzn1OXrFuatXw4/ddU1zw==
x-cache-status
MISS
content-disposition
attachment
rid
e81f0a02a7b173e12d9d3ac3afa0dff2
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 10 Jun 2024 11:29:00 GMT
server
gocache
etag
W/"F8FCE7D4E5EB16E6AD5F0E3F75D535CF"
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
15945317486957146296
x-oss-server-time
1
domain
119.31.254.30/hall/promote/pointer/
49 B
691 B
XHR
General
Full URL
https://119.31.254.30/hall/promote/pointer/domain
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
119.31.254.30 Tokyo, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
c5966601e5bb2796859a88fb90a597ee7c85b45bebc1f490651a2ce5d36aefdf

Request headers

deviceModel
Chrome126.0.0.0
x-version
4.0.350
devicetype
3
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
nonce
ca67225e-2efe-468f-81a1-83c7751f5a55
isWgPackage
false
language
zh
accept-language
zh
isSpeedPackae
false
device
7228edf1-64e9-44b1-940b-1990a08d5aa2
x-request-id
ca67225e-2efe-468f-81a1-83c7751f5a55
sign
qpxkXBMgpQ3pIZTJU/SVfJ7rHANl6FRikfVAag5gKHlwTlz2UW9bubQl7RoelZhm
sec-ch-ua-platform
"Win32"
isVest
false
currency
CNY
platformType
5
domain
ysq5dvk35d.vsifmaufhn.xyz
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id
{"uid":"","browserLanguage":"en-CA","om":true,"init":{"created":1718713815999,"version":1718675909000}}
auth
undefined
Content-Type
application/json
x-custom-referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept
application/json, text/plain, */*
timestamp
1718713821
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
siteCode
878
newJwt
token
b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone
UTC-7
browserfingerid

Response headers

Date
Tue, 18 Jun 2024 12:30:22 GMT
Via
1.1 PSxjpSin5ll149:1 (W), 1.1 PS-YUL-04m5h73:9 (W)
X-Env-Go-Biz-Gateway
0
Api-Cache
false
X-Env-Go-Biz-Agent-Server
0
X-Px
ms PS-YUL-04m5h73YUL,ms PSxjpSin5ll149SIN(origin)
Connection
keep-alive
X-SafeLine-Ray
SafeLine
Content-Length
49
X-Trace-Id
7175fd64c14eb242
Server
nginx
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
*
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
X-Ws-Request-Id
66717dde_PS-YUL-04m5h73_52584-424
X-Server-Version
4.0.0
true.json
u9ynnpy3yb.dfi462194mt2.top/hall/message/all/index/currency/CNY/frame/true/language/zh/list/0/marqueePage/1/marqueeSize/10/unReadListCount/
16 KB
11 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/message/all/index/currency/CNY/frame/true/language/zh/list/0/marqueePage/1/marqueeSize/10/unReadListCount/true.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
b2e4a84df00a0ad6ea9351ab1f40ded19281270d6f73a5e769fa291a36a2af4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:22 GMT
content-encoding
gzip
x-oss-request-id
66717DDEEDBE26E340499DC0
content-md5
1SbHlNCDumWTxkhIOLU5Rg==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
a46cfd8ccc38c81b99073350840cfad0
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 05:59:30 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
8100988744949235260
x-oss-server-time
1
truncated
/
413 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4b4877375a7af765e2fa097e240b7051b28ca8133929ee7d44c49fedb8231591

Request headers

Referer
Origin
https://ysq5dvk35d.vsifmaufhn.xyz
Accept-Language
en-CA,en;q=0.9;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
ChineseMainland.png
u9ynnpy3yb.dfi462194mt2.top/country/nationalflag/
370 B
851 B
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/country/nationalflag/ChineseMainland.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
da934180258c7b6a17b99bb778d9394f1f4a91e83f80d56093b793100323748b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDEEDBE26E340499EB8
content-md5
ZxGy0kAjtWltFF07BXEZEw==
x-cache-status
MISS
content-disposition
attachment
rid
1d2f0321d0d66a3d04a93932f481a0a0
content-length
370
x-oss-object-type
Normal
c-type
pf
last-modified
Wed, 28 Feb 2024 01:10:42 GMT
server
gocache
etag
"6711B2D24023B5696D145D3B05711913"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
741846680778572942
x-oss-server-time
2
1775428841501818881.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
5 KB
6 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1775428841501818881.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
08f50a7e89fdc98cc0c3ce286ef7113aa7e53f9dbcaa333ff5901b91033e2a67
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:22 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDE0D92D941F7958B7C
content-md5
56vgWnyukThgdGwstuPPow==
x-cache-status
MISS
content-disposition
attachment
rid
8c744511bf72cc08d3d48d323dcfe25d
content-length
5413
x-oss-object-type
Normal
c-type
pf
last-modified
Wed, 03 Apr 2024 07:43:16 GMT
server
gocache
etag
"E7ABE05A7CAE913860746C2CB6E3CFA3"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
7165789102513611258
x-oss-server-time
2
5397.f33ef10d17ad2771b5d8.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
26 KB
0
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/5397.f33ef10d17ad2771b5d8.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
5c183acdaa09073a1c465fb31a3d2f5a3da99aee8354d59a6e53026a1afbcca1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:22 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DDE8A23F73834C54AF2
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
mSkgsfBhmpkLEqH0e/icBQ==
x-ws-request-id
66717dde_PShlamstdAMS1ei13_22445-9829
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
17804773281902284694
x-oss-server-time
4
5397.7ac13f04cb8f52cf1ac1.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
12 KB
0
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/5397.7ac13f04cb8f52cf1ac1.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
309a71557cfcebee7e178ebfb4d1930cb24d8bd96692ec623e32bc0e9c8a1f08

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:22 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DDE5337553534B2A6F6
content-md5
tndCBx6ff5uLl8Ztq6JTIw==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"B67742071E9F7F9B8B97C66DABA25323"
x-ws-request-id
66717dde_PShlamstdAMS1ei13_22445-9831
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
9094519465166308647
x-oss-server-time
4
pre_load
riskct.geetest.com/g2/api/v1/
292 B
661 B
Script
General
Full URL
https://riskct.geetest.com/g2/api/v1/pre_load?client_type=web&callback=geetest_1718713830827
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/libs/gt@5/gt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.159.107.100 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
TencentEdgeOne /
Resource Hash
906c57a7abd81e196f9f89046a231ddb9184afddf7731046501f895ef52b1f99

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 12:30:22 GMT
server
TencentEdgeOne
eo-cache-status
MISS
etag
"3fa277de74fcf90e4bc6124e67f37e1a855566d6"
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
cache-control
must-revalidate, no-cache, no-store
eo-log-uuid
13496009913848430936
access-control-allow-headers
Appid, Client-Type, Api-Version, GeeID, Content-Type
content-length
292
expires
0
geeGuard.3a5e3e59702cd1908b3f768b4e8cf4ac.js
static.geetest.com/g5/v1/static/v1.2.0/js/
176 KB
48 KB
Script
General
Full URL
https://static.geetest.com/g5/v1/static/v1.2.0/js/geeGuard.3a5e3e59702cd1908b3f768b4e8cf4ac.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/libs/gt@5/gt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d13c9255f5ad32bb2ba8aa17d8dfa354f7197c118b4f60a310f972cd822b256c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Origin
https://ysq5dvk35d.vsifmaufhn.xyz
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:23 GMT
content-encoding
gzip
cf-cache-status
MISS
x-goog-meta-goog-reserved-file-mtime
1716450151
x-guploader-uploadid
ACJd0NrNHjs8Y1z8_fiJTc0VRIEEF1kMs-BtelFy2yHPdYSrn-XnSbF3uoHCz26mEGlGreJSVLg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Thu, 23 May 2024 08:13:46 GMT
server
cloudflare
etag
W/"a8106b63df7e8314443eff1b52a2b79c"
vary
Accept-Encoding
x-goog-generation
1716452026076954
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=kT8lgw==, md5=qBBrY99+gxREPv8bUqK3nA==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-meta-mtime
2024-05-23T07:42:31Z
x-goog-stored-content-length
179830
cf-ray
895b4a539d87abb1-YYZ
expires
Wed, 19 Jun 2024 12:30:23 GMT
1801129469511790593.png
u9ynnpy3yb.dfi462194mt2.top/siteadmin/upload/img/
222 KB
223 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/upload/img/1801129469511790593.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
ea6092cebf06bc698f5378170544cb1953fe0d3dbc3a8d9fe3a60326529d9efb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:23 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DDF0D92D941F7958D22
content-md5
4CLVlZiWPQXzcPUKdk0Nrw==
x-cache-status
MISS
content-disposition
attachment
rid
ba53722f62568ca48d09fc07cb1e00bb
content-length
227503
x-oss-object-type
Normal
c-type
pf
last-modified
Thu, 13 Jun 2024 05:48:27 GMT
server
gocache
etag
"E022D59598963D05F370F50A764D0DAF"
vary
Origin
content-type
image/png
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4547514242163697707
x-oss-server-time
2
client_report
riskct.geetest.com/g2/api/v1/
2 KB
2 KB
XHR
General
Full URL
https://riskct.geetest.com/g2/api/v1/client_report
Requested by
Host: static.geetest.com
URL: https://static.geetest.com/g5/v1/static/v1.2.0/js/geeGuard.3a5e3e59702cd1908b3f768b4e8cf4ac.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.159.107.100 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
TencentEdgeOne /
Resource Hash
8201cdbf19f4a997e5c885acf0c4c0bc7d4ddfc2a00d55b9ba4f5d5385f51e1f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
API-Version
1
AppID
9ia4hndgblg9xihxcwgdjt9ztg8sjwaf
Client-Type
3
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 12:30:24 GMT
server
TencentEdgeOne
eo-cache-status
MISS
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://ysq5dvk35d.vsifmaufhn.xyz
cache-control
must-revalidate, no-cache, no-store
eo-log-uuid
10094744469469484340
access-control-allow-headers
Appid, Client-Type, Api-Version, GeeID, Content-Type
content-length
1981
expires
0
client_report
riskct.geetest.com/g2/api/v1/
0
0
Preflight
General
Full URL
https://riskct.geetest.com/g2/api/v1/client_report
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
43.159.107.100 , Singapore, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software
TencentEdgeOne /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
api-version,appid,client-type
Access-Control-Request-Method
POST
Origin
https://ysq5dvk35d.vsifmaufhn.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
Appid, Client-Type, Api-Version, GeeID, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin
https://ysq5dvk35d.vsifmaufhn.xyz
cache-control
must-revalidate, no-cache, no-store
content-length
0
content-type
application/json;charset=UTF-8
date
Tue, 18 Jun 2024 12:30:24 GMT
eo-cache-status
MISS
eo-log-uuid
2249355859164993717
expires
0
pragma
no-cache
server
TencentEdgeOne
heartbeat
119.31.254.30/hall/home/
88 B
885 B
XHR
General
Full URL
https://119.31.254.30/hall/home/heartbeat
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
119.31.254.30 Tokyo, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
c2a97047a8b2e3d47c313b3d78c78a217c95c54ab2b43059b8106786b8c9ffcd

Request headers

deviceModel
Chrome126.0.0.0
x-version
4.0.350
devicetype
3
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
nonce
dbd84fa4-1fe9-4762-a52e-d5cf3dd2a287
isWgPackage
false
language
zh
accept-language
zh
isSpeedPackae
false
device
7228edf1-64e9-44b1-940b-1990a08d5aa2
x-request-id
dbd84fa4-1fe9-4762-a52e-d5cf3dd2a287
sign
N3BOdtFENBcGHe2sR7eVKFeagRFiw82izAj0xaFY/hLCLAbhCxlnrhnJE128M44e
sec-ch-ua-platform
"Win32"
isVest
false
currency
CNY
platformType
5
domain
ysq5dvk35d.vsifmaufhn.xyz
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id
{"uid":"","browserLanguage":"en-CA","om":true,"init":{"created":1718713815999,"version":1718675909000}}
auth
undefined
x-custom-referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept
application/json, text/plain, */*
timestamp
1718713826
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
siteCode
878
newJwt
token
b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone
UTC-7
browserfingerid

Response headers

Date
Tue, 18 Jun 2024 12:30:26 GMT
Via
1.1 PSxjpSin5ll149:1 (W), 1.1 PS-YUL-04m5h73:9 (W)
X-Env-Go-Biz-Gohal-Server
0
X-Env-Go-Biz-Gateway
0
Api-Cache
false
X-Px
ms PS-YUL-04m5h73YUL,ms PSxjpSin5ll149SIN(origin)
Connection
keep-alive
X-SafeLine-Ray
SafeLine
Content-Length
88
X-Trace-Id
5633f84cf87a52ad
Server
nginx
Access-Control-Max-Age
3600
Access-Control-Allow-Methods
*
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
X-Ws-Request-Id
66717de2_PS-YUL-04m5h73_52584-426
X-Server-Version
4.0.0
heartbeat
119.31.254.30/hall/home/
0
0
Preflight
General
Full URL
https://119.31.254.30/hall/home/heartbeat
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
119.31.254.30 Tokyo, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method
POST
Origin
https://ysq5dvk35d.vsifmaufhn.xyz
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Allow-Methods
*
Access-Control-Allow-Origin
*
Access-Control-Max-Age
3600
Connection
keep-alive
Content-Length
0
Content-Type
application/octet-stream
Date
Tue, 18 Jun 2024 12:30:26 GMT
Server
nginx
Via
1.1 PSxjpSin5ll149:1 (W), 1.1 PS-YUL-04m5h73:9 (W)
X-Px
ms PS-YUL-04m5h73YUL,ms PSxjpSin5ll149SIN(origin)
X-SafeLine-Ray
SafeLine
X-Ws-Request-Id
66717de2_PS-YUL-04m5h73_52584-425
manifest.json
ysq5dvk35d.vsifmaufhn.xyz/
42 KB
15 KB
XHR
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/manifest.json?1718713816656
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
AliyunOSS /
Resource Hash
97dc9835b26adf12a447b1b3606c1029e95f06d5898c48b4b13bf29f1a542ee9

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept
application/json, text/plain, */*
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:27 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DE2829A183337DDAB58
last-modified
Tue, 18 Jun 2024 08:56:59 GMT
server
AliyunOSS
content-md5
oGrXjpFcXU6i+EyfsKsaRg==
x-ws-request-id
66717de2_PShlamstdAMS1ei13_22445-9904
content-type
application/json
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
17984663568559877807
x-oss-server-time
2
8971.5c2520428a9bb91e6e51.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
4 KB
0
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/8971.5c2520428a9bb91e6e51.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
ef2f7b8fe39fba05d92730366ca0863bbfe80152a5e259dbe6263f775fa1cadd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:27 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DE28A23F73935CC6DF2
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
7eQ3p/hunJZawMb0sZbfcA==
x-ws-request-id
66717de2_PShlamstdAMS1ei13_22445-9907
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
5488845247974812126
x-oss-server-time
6
8971.6768564fc47d50ca695c.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
9 KB
0
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/8971.6768564fc47d50ca695c.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
e7f5c3176818e414720fe53b9431afff5253c9b468be858454c84d4ece7bff98

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:27 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DE2D14BBC373434EECE
content-md5
ueRoW7FpGTu6Zu+fF1dhbw==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"B9E4685BB169193BBA66EF9F1757616F"
x-ws-request-id
66717de2_PShlamstdAMS1ei13_22445-9908
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
6610856736314164691
x-oss-server-time
2
floatBar@theme=1.617cff07d092ccc71080.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
1 KB
0
Stylesheet
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/floatBar@theme=1.617cff07d092ccc71080.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
c1912af451d41169107500e5d3ac76a523906163882d79844d4eaae15aaace42

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:27 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DE2D14BBC323027EECE
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
qSaIoSy+gU9AaCuL0wQHwA==
x-ws-request-id
66717de2_PShlamstdAMS1ei13_22445-9909
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
7139581085607995511
x-oss-server-time
2
floatBar@theme=1.887258c8b03a02b6fc70.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
2 KB
0
Script
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/floatBar@theme=1.887258c8b03a02b6fc70.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/runtime.a781ec1829aecd052d94.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
6178b73d3855366779564098fbf36516c0f69e46b5b92d1b29f9ac2ef44526e4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:27 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DE28A23F73033B86DF2
content-md5
37e6xnyJLJAU4abVqq114Q==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"DFB7BAC67C892C9014E1A6D5AAAD75E1"
x-ws-request-id
66717de2_PShlamstdAMS1ei13_22445-9910
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
7523333745042891564
x-oss-server-time
11
icon_cz_no.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/common/common/deposit/
858 B
1 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/common/common/deposit/icon_cz_no.webp?manualVersion=1&version=3e1cc85094
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
72e141e50c8468f4af61394def9226b72a866eb59e615c4037d7efd11ff0b202
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:26 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DE20D92D941F79595D9
content-md5
DJBi0d1ggd4pr9Nv7SuXLQ==
x-cache-status
MISS
content-disposition
attachment
rid
4a2c7985834b4ac3c1c394b9facf6936
content-length
858
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 02:53:30 GMT
server
gocache
etag
"0C9062D1DD6081DE29AFD36FED2B972D"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
10196965084729788952
x-oss-server-time
3
icon_cz_no.webp
u9ynnpy3yb.dfi462194mt2.top/siteadmin/skin/lobby_asset/common/common/deposit/
858 B
0
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/common/common/deposit/icon_cz_no.webp?manualVersion=1&version=3e1cc85094
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
72e141e50c8468f4af61394def9226b72a866eb59e615c4037d7efd11ff0b202

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:26 GMT
x-oss-request-id
66717DE20D92D941F79595D9
content-md5
DJBi0d1ggd4pr9Nv7SuXLQ==
x-cache-status
MISS
content-disposition
attachment
rid
4a2c7985834b4ac3c1c394b9facf6936
content-length
858
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 02:53:30 GMT
server
gocache
etag
"0C9062D1DD6081DE29AFD36FED2B972D"
vary
Origin
content-type
binary/octet-stream
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
10196965084729788952
x-oss-server-time
3
zh.json
u9ynnpy3yb.dfi462194mt2.top/hall/active/quickList/currency/CNY/language/
3 KB
3 KB
XHR
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/hall/active/quickList/currency/CNY/language/zh.json
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
8f3a85f1a4ff518048b6272e4695855788055bbacec38bad6cf9a3b99cb43651
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:27 GMT
content-encoding
gzip
x-oss-request-id
66717DE30D92D941F79596FD
content-md5
NXlS/0uOieGUHBc9rfmZTw==
x-cache-status
MISS
strict-transport-security
max-age=31536000; includeSubDomains
content-disposition
attachment
rid
6fdfaf9dd1bffe83f05d6d399e34f136
x-oss-object-type
Normal
c-type
pf
last-modified
Tue, 18 Jun 2024 08:41:00 GMT
server
gocache
access-control-max-age
200
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, HEAD, PUT
access-control-allow-origin
*
access-control-expose-headers
Etag
cache-control
s-maxage=600,max-age=0,public
x-oss-force-download
true
content-type
application/json
x-oss-storage-class
Standard
x-oss-ec
0048-00000111
x-oss-hash-crc64ecma
7254222543227376410
x-oss-server-time
2
ActiveImg12545063401187408.gif
u9ynnpy3yb.dfi462194mt2.top/active/
59 KB
59 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/active/ActiveImg12545063401187408.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
2d5f8f768fecbcbc66db920df622cfce1c62222646f5396323c72454245b44b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DE30D92D941F79597BD
content-md5
kU5Zvo54gSyCjxM9Y5gjhg==
x-cache-status
MISS
content-disposition
attachment
rid
e37beb38a88c7430760f4dca5a8f69c4
content-length
60068
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 19 Feb 2024 14:06:22 GMT
server
gocache
etag
"914E59BE8E78812C828F133D63982386"
vary
Origin
content-type
image/gif
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
13871581709181283660
x-oss-server-time
10
ActiveImg11017674611886340.gif
u9ynnpy3yb.dfi462194mt2.top/active/
349 KB
350 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/active/ActiveImg11017674611886340.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
ff4078689b0af93abf4475ae9dc50268b29d284746dfd496caa40f1925b81078
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DE3EDBE26E34049AA9F
content-md5
0YEzQA8utbMcOPf6h0nSUA==
x-cache-status
MISS
content-disposition
attachment
rid
78e7eef193db2f00602f04aeeb88c2ce
content-length
357098
x-oss-object-type
Normal
c-type
pf
last-modified
Thu, 07 Sep 2023 14:16:48 GMT
server
gocache
etag
"D18133400F2EB5B31C38F7FA8749D250"
vary
Origin
content-type
image/gif
x-oss-ec
0048-00000111
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
13594441062857553856
x-oss-server-time
1
ActiveImg1393890411855744.gif
u9ynnpy3yb.dfi462194mt2.top/active/
350 KB
351 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/active/ActiveImg1393890411855744.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
8cee4412c0017058f1126b66eb3172e5c591997ae92a59cde508a1ff1db01f68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DE3FC4F3FAD04310CC4
content-md5
vin6aUqQsnbJ3c9S0BTNlA==
x-cache-status
MISS
content-disposition
attachment
rid
d963103cb20e757f326df6ae60840390
content-length
358359
x-oss-object-type
Normal
c-type
pf
last-modified
Fri, 13 Oct 2023 12:33:26 GMT
server
gocache
etag
"BE29FA694A90B276C9DDCF52D014CD94"
vary
Origin
content-type
image/gif
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
17047666274106837143
x-oss-server-time
2
ActiveImg15537635291182705.gif
u9ynnpy3yb.dfi462194mt2.top/active/
693 KB
695 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/active/ActiveImg15537635291182705.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
a69f1bbd78edf08fcb0b74b29921292475b34c50fa52603fc3b5efbf94b42b50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DE368A37403AA37835B
content-md5
o4GwMYp2BrlqjE7PfKNs4w==
x-cache-status
MISS
content-disposition
attachment
rid
9e53ded7b4901d47ea0d419dcc8359a6
content-length
709763
x-oss-object-type
Normal
c-type
pf
last-modified
Mon, 25 Mar 2024 05:22:37 GMT
server
gocache
etag
"A381B0318A7606B96A8C4ECF7CA36CE3"
vary
Origin
content-type
image/gif
x-oss-ec
0048-00000111
cache-control
max-age=86400
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
4809391922698244679
x-oss-server-time
1
ActiveImg9132390964203745.gif
u9ynnpy3yb.dfi462194mt2.top/active/
992 KB
993 KB
Image
General
Full URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/active/ActiveImg9132390964203745.gif
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
a315d90ee877ec77adf4dcb151307f4c2ed3be5e623302b6c2030322bfada036
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:27 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-oss-request-id
66717DE364BB29C3D593CC47
content-md5
neXZexEv+LiKV7PxFLLRgA==
x-cache-status
MISS
content-disposition
attachment
rid
702414edeb183dbd731f20e665504e8c
content-length
1015471
x-oss-object-type
Normal
c-type
pf
last-modified
Thu, 07 Sep 2023 12:31:11 GMT
server
gocache
etag
"9DE5D97B112FF8B88A57B3F114B2D180"
vary
Origin
content-type
image/gif
x-oss-ec
0048-00000111
x-oss-force-download
true
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
14083211365579209792
x-oss-server-time
2
recharge.57caf97b450c557b8d4d.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
2 KB
0
Fetch
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/recharge.57caf97b450c557b8d4d.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
9e38372c79a9616db2e08da1896679af6f915532e4e0454f0fb4c5868cb36f57

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:28 GMT
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DE4F27FBE3632F3DA2D
content-md5
IP/WlcJVCItIx4T4UnUD5Q==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
content-length
1627
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"20FFD695C255088B48C784F8527503E5"
x-ws-request-id
66717de4_PShlamstdAMS1ei13_22445-9945
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3664757007914264073
x-oss-server-time
4
recharge.2cb1bd3b7444bdd0ff5f.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
4 KB
0
Fetch
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/recharge.2cb1bd3b7444bdd0ff5f.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
61fb09ef75c537fbca7a11eb083bf2930ee71cbc0c8a03a66c90cc3a762d7ccd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:29 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DE54C8B3733328F2AA4
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
Wmtq7kA52tU7CAkVzMcQ/A==
x-ws-request-id
66717de5_PShlamstdAMS1ei13_22445-9958
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
2698683913657491424
x-oss-server-time
0
pay.c732e716c0f079e8443a.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
45 KB
0
Fetch
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/pay.c732e716c0f079e8443a.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
26ecfe316d394b45a18ee078d8dc798aa327e701ad17c1dd3fd164b034c41545

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:30 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DE68A23F738348E8AF2
content-md5
hyXxoH+3OE+i+X753g3zAg==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:59 GMT
server
AliyunOSS
etag
"8725F1A07FB7384FA2F97EF9DE0DF302"
x-ws-request-id
66717de6_PShlamstdAMS1ei13_22445-10002
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3934010224903514303
x-oss-server-time
5
pay.a0d6227a3d50f7a197af.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
18 KB
0
Fetch
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/pay.a0d6227a3d50f7a197af.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
b8e95a0e89184b9276ac27b4453bcfd37aca9a874eeccc954d0cc0af7caf8611

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:31 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DE75337553534E3EFF6
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
rs0FbQ5MeHB781PjQSFyPQ==
x-ws-request-id
66717de7_PShlamstdAMS1ei13_22445-10082
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
17122815665045505878
x-oss-server-time
5
event.fec58563d85d2c0cf4a3.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
32 KB
0
Fetch
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/event.fec58563d85d2c0cf4a3.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
b8cb5377f405cbd8960467b40e3157c4126fc76c515051dadc1ac0b684b7e623

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:32 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DE8829A18333747D558
content-md5
uLDHAGoKQQO9QQj24WFOsQ==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"B8B0C7006A0A4103BD4108F6E1614EB1"
x-ws-request-id
66717de8_PShlamstdAMS1ei13_22445-10134
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
1620835675141029270
x-oss-server-time
8
piaspeed.png
119.31.254.30/
2 B
462 B
Fetch
General
Full URL
https://119.31.254.30/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
119.31.254.30 Tokyo, Japan, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Tue, 18 Jun 2024 12:30:33 GMT
Via
1.1 jp184:6 (W), 1.1 PS-YUL-04m5h73:9 (W)
Server
nginx
Age
273166
Access-Control-Max-Age
3600
X-Ws-Request-Id
66717de9_PS-YUL-04m5h73_52584-427
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials
true
X-Px
ht PS-YUL-04m5h73YUL
Connection
keep-alive
X-SafeLine-Ray
SafeLine
Content-Length
2
piaspeed.png
oplgfft31i.hfhcpg.top/
2 B
346 B
Fetch
General
Full URL
https://oplgfft31i.hfhcpg.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:33 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717de9_PShlamstdAMS1ei13_21174-63808
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
5j4b71p5ne.hfhcpg.top/
2 B
345 B
Fetch
General
Full URL
https://5j4b71p5ne.hfhcpg.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:33 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717de9_PShlamstdAMS1ei13_22616-3226
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
ylsp2jobm7.cjvnjz.top/
2 B
300 B
Fetch
General
Full URL
https://ylsp2jobm7.cjvnjz.top:9003/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:33 GMT
c-type
pf
strict-transport-security
max-age=31536000; includeSubDomains
server
gocache
x-cache-status
HIT
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
rid
031dd341df8ecd5436fdac10f939926c
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
mheb5zoder.n8yudyplqd7r.top/
2 B
300 B
Fetch
General
Full URL
https://mheb5zoder.n8yudyplqd7r.top:9010/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:33 GMT
c-type
pf
strict-transport-security
max-age=31536000; includeSubDomains
server
gocache
x-cache-status
HIT
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
rid
7c8bbb42fcf88d65a79d490a5d25512b
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
1px7oj2ajoul.gbjoiv.top/
2 B
346 B
Fetch
General
Full URL
https://1px7oj2ajoul.gbjoiv.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:33 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717de9_PShlamstdAMS1ei13_19947-11743
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
l6odw9inyei0.lxdlum.top/
2 B
300 B
Fetch
General
Full URL
https://l6odw9inyei0.lxdlum.top:9006/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:33 GMT
c-type
pf
strict-transport-security
max-age=31536000; includeSubDomains
server
gocache
x-cache-status
HIT
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
rid
84006c25b7cf75bc83d1f55cf9152676
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
wgsbljxqaw.cjvnjz.top/
2 B
300 B
Fetch
General
Full URL
https://wgsbljxqaw.cjvnjz.top:9002/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
gocache /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:33 GMT
c-type
pf
strict-transport-security
max-age=31536000; includeSubDomains
server
gocache
x-cache-status
HIT
access-control-max-age
3600
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
rid
3a7304328a2ca4d8d4c58199d8a9af0e
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
hkppzigpbl64.l4rdf9d9q1d3.top/
2 B
346 B
Fetch
General
Full URL
https://hkppzigpbl64.l4rdf9d9q1d3.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:33 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717de9_PShlamstdAMS1ei13_20198-41344
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
tgjho4leecy2.gbjoiv.top/
2 B
346 B
Fetch
General
Full URL
https://tgjho4leecy2.gbjoiv.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:33 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717de9_PShlamstdAMS1ei13_21063-31817
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
piaspeed.png
of5hjr6rj76u.78udk0ie3gby.top/
2 B
345 B
Fetch
General
Full URL
https://of5hjr6rj76u.78udk0ie3gby.top/piaspeed.png
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software
nginx /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:33 GMT
via
1.1 PSxjpSin5ll149:1 (W), 1.1 PShlamstdAMS1ei13:11 (W)
server
nginx
access-control-max-age
3600
x-ws-request-id
66717de9_PShlamstdAMS1ei13_22029-8435
content-type
image/png
access-control-allow-origin
*
cache-control
s-maxage=315360000,max-age=0,public
access-control-allow-credentials
true
x-px
ms PShlamstdAMS1ei13AMS,ms PSxjpSin5ll149SIN(origin)
x-safeline-ray
SafeLine
content-length
2
event.dff14c19f77528bc3449.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
44 KB
0
Fetch
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/event.dff14c19f77528bc3449.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
17940fe017837565fc0d4b3a8c940ac95431c1eb8d30ae888dee7666d962ba10

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-oss-object-type
Normal
date
Tue, 18 Jun 2024 12:30:33 GMT
content-encoding
gzip
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DE9D14BBC3230F021CF
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
content-md5
Vg+zmaZP3dlFuPANI542QA==
x-ws-request-id
66717de9_PShlamstdAMS1ei13_22445-10164
content-type
text/css
cache-control
max-age=31622400
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
x-oss-storage-class
Standard
x-oss-hash-crc64ecma
6254772731309435361
x-oss-server-time
23
1012.0be3a6b06ebb6e73045d.js
ysq5dvk35d.vsifmaufhn.xyz/assets/
348 B
0
Fetch
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/1012.0be3a6b06ebb6e73045d.js
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
f2f71cbc092f754cf4eaedafcdf2aca79b883718ab2c48b9f9293bbd0feac5a6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:34 GMT
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DEAD14BBC3734802ACF
content-md5
FbL+xqFpc0pVatIS+41Zwg==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
content-length
348
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"15B2FEC6A169734A556AD212FB8D59C2"
x-ws-request-id
66717dea_PShlamstdAMS1ei13_22445-10187
content-type
text/javascript
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
3831756329894386301
x-oss-server-time
1
1012.40b1a56f5f70f1308f4e.css
ysq5dvk35d.vsifmaufhn.xyz/assets/
983 B
0
Fetch
General
Full URL
https://ysq5dvk35d.vsifmaufhn.xyz/assets/1012.40b1a56f5f70f1308f4e.css
Requested by
Host: ysq5dvk35d.vsifmaufhn.xyz
URL: https://ysq5dvk35d.vsifmaufhn.xyz/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js
Protocol
H2
Server
-, , ASN (),
Reverse DNS
Software
AliyunOSS /
Resource Hash
48fc475629cc4860cc481ffefbcfab88d98bd02ae6ac1269a17a6fc862cff572

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ysq5dvk35d.vsifmaufhn.xyz/home/game?gameCategoryId=0
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 12:30:36 GMT
via
1.1 PS-TPE-01FGe221:3 (W), 1.1 PShlamstdAMS1ei13:11 (W)
x-oss-request-id
66717DEB8A23F7303324B3F2
content-md5
ZA760+9k8xGUDzdKaQJrXg==
x-px
ms PShlamstdAMS1ei13AMS,ms PS-TPE-01FGe221TPE(origin)
content-length
983
x-oss-object-type
Normal
last-modified
Tue, 18 Jun 2024 08:56:58 GMT
server
AliyunOSS
etag
"640EFAD3EF64F311940F374A69026B5E"
x-ws-request-id
66717deb_PShlamstdAMS1ei13_22445-10214
content-type
text/css
cache-control
max-age=31622400
x-oss-storage-class
Standard
accept-ranges
bytes
x-oss-hash-crc64ecma
9554868107578888388
x-oss-server-time
59

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
u9ynnpy3yb.dfi462194mt2.top
URL
https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/1-0-common/web/home/icon_dt_pmd.webp?manualVersion=1&version=v4.0.350

Verdicts & Comments

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
undefined| event
object| fence
object| sharedStorage
object| LOBBY_SITE_CONFIG
object| LOBBY_UTILS
object| initSplash
object| imgSupport
object| webpackChunkmy_vue_app
object| __core-js_shared__
object| wgMock
function| saveAs
object| logsMap
object| webPushLog
function| filterCSS
function| filterXSS
object| FB
function| fbAsyncInit
object| MTpushInterface
object| __buffer
undefined| __fpjs_p_l_b
object| MonitoringAnalysis
object| ReporterMananger
function| initGeeGuard
function| CnWcL
function| _gct
object| GeeGuard
string| gt_local_id

1 Cookies

Domain/Path Name / Value
ysq5dvk35d.vsifmaufhn.xyz/ Name: gt_local_id
Value: YVOJ+/2cuIGQngjxQWsdXm/PqQXNVtXKKSdH/mTZbQjd2a1UuNMIwA==

7 Console Messages

Source Level URL
Text
network error URL: https://u9ynnpy3yb.dfi462194mt2.top:9001/siteadmin/skin/lobby_asset/festival/173/1-0/sprite.svg?manualVersion=1&version=v4.0.350
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://u9ynnpy3yb.dfi462194mt2.top:9001/cocos/maintain-time.json?timestamp=1718713816669
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mdppr0xqcjdy.nd1hpdujs344.top:9007/siteadmin/skin/lobby_asset/festival/173/1-0/sprite.svg?manualVersion=1&version=v4.0.350
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://mdppr0xqcjdy.nd1hpdujs344.top:9007/cocos/maintain-time.json?timestamp=1718713818032
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://xc06l2-878-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/173/1-0/sprite.svg?manualVersion=1&version=v4.0.350
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://xc06l2-878-ppp.oss-accelerate.aliyuncs.com/cocos/maintain-time.json?timestamp=1718713819658
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://conn.webpush.theengagelab.com/v1/auth?user_str=undefined&appkey=0b9548321a0e456926a250d3&is_temporary=n
Message:
Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
