s05i0wu4vq5m9e4x.app Open in urlscan Pro
16.163.251.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://fa03.app/
Effective URL:
https://s05i0wu4vq5m9e4x.app/casino
Submission: On July 13 via api (July 13th 2024, 2:51:14 pm UTC) from BE — Scanned from SG

Summary HTTP 50 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 5 countries across 4 domains to perform 50 HTTP transactions. The main IP is 16.163.251.42, located in Hong Kong and belongs to AMAZON-02, US. The main domain is s05i0wu4vq5m9e4x.app.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 4th 2024. Valid for: a year.

This is the only time s05i0wu4vq5m9e4x.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	202.95.12.144 202.95.12.144	4808 (CHINA169-...) (CHINA169-BJ China Unicom Beijing Province Network)
2	16.163.251.42 16.163.251.42	16509 (AMAZON-02) (AMAZON-02)
17	104.18.16.119 104.18.16.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	18.155.68.97 18.155.68.97	16509 (AMAZON-02) (AMAZON-02)
18	203.107.62.161 203.107.62.161	37963 (ALIBABA-C...) (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.)
50	5

1 202.95.12.144 (Singapore) 1 redirects

ASN4808 (CHINA169-BJ China Unicom Beijing Province Network, CN)

fa03.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 16.163.251.42 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-16-163-251-42.ap-east-1.compute.amazonaws.com

s05i0wu4vq5m9e4x.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 104.18.16.119 (None, )

ASN13335 (CLOUDFLARENET, US)

qwerpi56k009fluid.nfjk3hu.app	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.155.68.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-155-68-97.sin52.r.cloudfront.net

i18n-vd009.0571kowa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 203.107.62.161 (China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)

vd009-bhtpeu4xrn-bgp-api.0571kowa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	0571kowa.com i18n-vd009.0571kowa.com vd009-bhtpeu4xrn-bgp-api.0571kowa.com	12 KB
17	nfjk3hu.app qwerpi56k009fluid.nfjk3hu.app	674 KB
2	s05i0wu4vq5m9e4x.app s05i0wu4vq5m9e4x.app	16 KB
1	fa03.app 1 redirects fa03.app	134 B
50	4

	Domain	Requested by
18	vd009-bhtpeu4xrn-bgp-api.0571kowa.com	qwerpi56k009fluid.nfjk3hu.app
17	qwerpi56k009fluid.nfjk3hu.app	s05i0wu4vq5m9e4x.app qwerpi56k009fluid.nfjk3hu.app
2	i18n-vd009.0571kowa.com	qwerpi56k009fluid.nfjk3hu.app
2	s05i0wu4vq5m9e4x.app
1	fa03.app	1 redirects
50	5

This site contains no links.

Subject Issuer	Validity	Valid
s05i0wu4vq5m9e4x.app Go Daddy Secure Certificate Authority - G2	`2024-05-04` - `2025-05-04`	a year	crt.sh
nfjk3hu.app WE1	`2024-06-16` - `2024-09-14`	3 months	crt.sh
0571kowa.com R11	`2024-06-09` - `2024-09-07`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://s05i0wu4vq5m9e4x.app/casino
Frame ID: F5F994852A94BF97A65ECFBB3766FE04
Requests: 38 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://fa03.app/ HTTP 302
https://s05i0wu4vq5m9e4x.app/casino Page URL

Page Statistics

50
Requests

78 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

5
Countries

701 kB
Transfer

2367 kB
Size

2
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://fa03.app/ HTTP 302
https://s05i0wu4vq5m9e4x.app/casino Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

50 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request casino Show response
s05i0wu4vq5m9e4x.app/
Redirect Chain

https://fa03.app/
https://s05i0wu4vq5m9e4x.app/casino

45 KB
15 KB

558ms
281ms

Document
text/html

16.163.251.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s05i0wu4vq5m9e4x.app/casino
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 16.163.251.42 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-251-42.ap-east-1.compute.amazonaws.com
Software: nginx / Express
Resource Hash: 00f7cbd2afffd0b96aa4652a79ff2ee2ad6afa39465ae24294c2a21fcb41ec77

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: *
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 13 Jul 2024 14:51:03 GMT
etag: W/"b41c-Zoc9HJfKsXG/7gG/Ea0qUk6/aS8"
server: nginx
x-powered-by: Express

Redirect headers

content-type: text/html; charset=UTF-8
date: Sat, 13 Jul 2024 14:51:03 GMT
location: https://s05i0wu4vq5m9e4x.app/casino
server: nginx
strict-transport-security: max-age=31536000

GET
H3 200 index-b007f853.js Show response
qwerpi56k009fluid.nfjk3hu.app/assets/ 1 MB
340 KB 93ms
66ms Script
application/javascript 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Requested by

Host: s05i0wu4vq5m9e4x.app
URL: https://s05i0wu4vq5m9e4x.app/casino

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3b8ab20e5e5827ad5d23c553d0b341787e840b1cbf63b73c8b01175dbd7f00f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s05i0wu4vq5m9e4x.app/
Origin: https://s05i0wu4vq5m9e4x.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:04 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-request-id: 03X4KMGEHZ3Z33FM
age: 103811
alt-svc: h3=":443"; ma=86400
x-amz-id-2: S9HR2xFEqSbXZ51e/exYGcvf1m0lO43yVehwoneycz5201BzC3eORTzy+SpIcuWYwbnQGqxEAfM=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:49:17 GMT
server: cloudflare
etag: W/"1ba16e7780399bf02ba7c4337cfde476"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16c728814834-SIN
expires: Tue, 13 Aug 2024 14:51:04 GMT

GET
H3 200 index-d6adb384.css
qwerpi56k009fluid.nfjk3hu.app/assets/ 240 KB
32 KB 92ms
66ms Stylesheet
text/css 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/index-d6adb384.css

Requested by

Host: s05i0wu4vq5m9e4x.app
URL: https://s05i0wu4vq5m9e4x.app/casino

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d6adb384485ced87476d806c49e79f151f2f2135bb19ef43302bef6bd02c60f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s05i0wu4vq5m9e4x.app/
Origin: https://s05i0wu4vq5m9e4x.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:04 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-request-id: 03X6D4J0ZGPKJS81
age: 103811
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 7pE1V6b8t4Qml0CDpQRd2UCIASCjwsBYpsP1TFU0b1BKMLUkrn5ssXlK4t9zHXxVPjHmnjlGrMU=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:49:26 GMT
server: cloudflare
etag: W/"077cee298513dde499d75d2cbc211c29"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16c7287d4834-SIN
expires: Tue, 13 Aug 2024 14:51:04 GMT

GET
H3 200 registerSW.js Show response
qwerpi56k009fluid.nfjk3hu.app/ 134 B
834 B 91ms
65ms Script
application/javascript 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/registerSW.js

Requested by

Host: s05i0wu4vq5m9e4x.app
URL: https://s05i0wu4vq5m9e4x.app/casino

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s05i0wu4vq5m9e4x.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:04 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-request-id: C1KFNTK5XPNQ3N5G
age: 6
alt-svc: h3=":443"; ma=86400
x-amz-id-2: qzk89w7A88qHACfLWmjYwsrrx/6M6ZFnXJnF76KdXdMyEsedg5ALfPUkDg169nGuyFFk0aswdG4=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:51:27 GMT
server: cloudflare
etag: W/"1872c500de691dce40960bb85481de07"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: public, max-age=14400
cf-ray: 8a2a16c729174044-SIN
expires: Sat, 13 Jul 2024 18:51:04 GMT

GET
H3 200 ua-parser-0e9b20a1.js Show response
qwerpi56k009fluid.nfjk3hu.app/assets/ 17 KB
9 KB 212ms
211ms Script
application/javascript 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/ua-parser-0e9b20a1.js

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b894383ca1f01e315a47e35013c0e65bb6b7798685a39e913182f86889b88968

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin: https://s05i0wu4vq5m9e4x.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-request-id: MQ58Y5JV9NKFF26F
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 4QDvlm5gX8FY04QYI/m4k+LeLFDHZkQQwfnsYZUeiDGgmsteJYiejNhw5bRrnFCj17c3Upes2cg=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:51:12 GMT
server: cloudflare
etag: W/"f9bec89e3aa43cdb5ff20bbc78000088"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16cb9f944834-SIN
expires: Tue, 13 Aug 2024 14:51:05 GMT

GET
H3 200 fp.esm-abe10519.js Show response
qwerpi56k009fluid.nfjk3hu.app/assets/ 38 KB
17 KB 67ms
66ms Script
application/javascript 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/fp.esm-abe10519.js

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af92a2426666cf50880be9c7f54f25af5fa6953cd3b22b60d9171053bce240d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin: https://s05i0wu4vq5m9e4x.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:04 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-request-id: 5G9M87AF82PNAD07
age: 103809
alt-svc: h3=":443"; ma=86400
x-amz-id-2: IAcpwE6Y5b9Z9iCxHWPKOvSF9vMsVYCfVLQrp3UfswaWoKueZdJ2YXpwcWJBHCvs/nm/A4VyEjU=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:48:17 GMT
server: cloudflare
etag: W/"66d8e11e50fbe7fb091939a0a13d0091"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16cbcfd74834-SIN
expires: Tue, 13 Aug 2024 14:51:04 GMT

GET
H3 200 index-7b95a78f.js Show response
qwerpi56k009fluid.nfjk3hu.app/assets/ 81 KB
25 KB 57ms
57ms Script
application/javascript 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/index-7b95a78f.js

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0819f7f52433c0e89f68976f9528ae67d49af3f3ff3a1646323aa0c6da75b9fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin: https://s05i0wu4vq5m9e4x.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:04 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-request-id: 63R3H5SDB2BEST7M
age: 3788
alt-svc: h3=":443"; ma=86400
x-amz-id-2: w9GczT5uJkqb8/HICSQKLogcIxtOsU7ycJYGzPPKs/9CCi1U+8dOzYjcagl7tP+EUm3W4DYhDlI=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:49:04 GMT
server: cloudflare
etag: W/"45d5b382aadeaf52b69b17e811b83a48"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16cc18554834-SIN
expires: Tue, 13 Aug 2024 14:51:04 GMT

GET
H3 200 im-b45c2990.js Show response
qwerpi56k009fluid.nfjk3hu.app/assets/ 10 KB
3 KB 52ms
52ms Script
application/javascript 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/im-b45c2990.js

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

662574d7f16b53bfc4a725df11c630d32625db17f2bdee9820074904095db9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin: https://s05i0wu4vq5m9e4x.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:04 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-request-id: 5G9Z5HZWZGRABXYK
age: 103809
alt-svc: h3=":443"; ma=86400
x-amz-id-2: q+p+eJgiKoVZ79LzcRs6lcfVgR3n602hvKNJxH/UEyKqkVUkRbDGLDrBpnINL1OrGu+Lp2FUYPA=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:48:34 GMT
server: cloudflare
etag: W/"1266c4db2c2697e8600cafa01ddf1334"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16cc18594834-SIN
expires: Tue, 13 Aug 2024 14:51:04 GMT

GET
H3 200 zh_CN-2f145d4f.js Show response
qwerpi56k009fluid.nfjk3hu.app/assets/ 535 KB
138 KB 199ms
198ms Script
application/javascript 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/zh_CN-2f145d4f.js

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b6a1f54e198086396b46e6086b419ce61c788fd41746f1506c079948ccd689a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin: https://s05i0wu4vq5m9e4x.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-request-id: TC8743PGBGNNK3MM
alt-svc: h3=":443"; ma=86400
x-amz-id-2: MgwAidCLoyYd2FSSK0RPVPYKIRGKJKxS93sFTXapKeFP84YkLVivgEWFYWcYOo1VmnHGOWcE0Gw=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:51:26 GMT
server: cloudflare
etag: W/"309d1b9151447cda66e71ce7c733eace"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16cc18624834-SIN
expires: Tue, 13 Aug 2024 14:51:05 GMT

GET
H3 200 logo-f5ac4820.js Show response
qwerpi56k009fluid.nfjk3hu.app/assets/ 2 KB
1 KB 54ms
53ms Script
application/javascript 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/logo-f5ac4820.js

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6cbc84030b009a2340f24f56d9f850983a46b4a5e2f2fb111a46c5e2674543ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin: https://s05i0wu4vq5m9e4x.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:04 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-request-id: QJ5BY1V831PX7PKW
age: 3778
alt-svc: h3=":443"; ma=86400
x-amz-id-2: xyBa4GVph1LV+P9YybF624D8mhLxW6gRh0IMXpkldEns7SE0LBTj3YHm1Or6YAb5fHB4i/103ic=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:50:40 GMT
server: cloudflare
etag: W/"34ceab4a08939ba257753075db2df625"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16cc186b4834-SIN
expires: Tue, 13 Aug 2024 14:51:04 GMT

GET
H3 200 region-block-b6703bf8.js Show response
qwerpi56k009fluid.nfjk3hu.app/assets/ 523 B
1021 B 52ms
51ms Script
application/javascript 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/region-block-b6703bf8.js

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

432c7f3dbbb6a7ca50ba18cdc0f3fda8262ce58961e6a51bac17917017f7dfa8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin: https://s05i0wu4vq5m9e4x.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:04 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-request-id: 5G9V4WG90CM7YM9G
age: 103809
alt-svc: h3=":443"; ma=86400
x-amz-id-2: avFW1Y9h3hrpP4kKVuqMDekjU9ppMfsT3xkWjFNvKZnCbMgh4Kgit+BbHzcbbSRbiZtPqrOHcYk=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:50:52 GMT
server: cloudflare
etag: W/"be36b94eb1c2fa4869732a98981ef958"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16cc18704834-SIN
expires: Tue, 13 Aug 2024 14:51:04 GMT

GET
H2 200 fluid Show response
i18n-vd009.0571kowa.com/api/v2/i18n/PROD/version/ 53 B
428 B 246ms
182ms XHR
application/json 18.155.68.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i18n-vd009.0571kowa.com/api/v2/i18n/PROD/version/fluid

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.68.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-68-97.sin52.r.cloudfront.net

Software

nginx/1.14.1 /

Resource Hash

e63dc064cd6275cfcfa04bf5ebab683da7afcc8d37e94fa4b849e59b1370b4a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://s05i0wu4vq5m9e4x.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
content-encoding: gzip
via: 1.1 dff3fc94ddb54b32b708edf2668b23d2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.14.1
x-amz-cf-pop: SIN52-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
content-length: 81
x-amz-cf-id: PRmuxNHvGeovlZD5Axo9a8mfHHZcPLX8__6HmkS07ZV3LGr79hrtsw==

GET
H3 200 bd9-ipBlock-db70d701.webp
qwerpi56k009fluid.nfjk3hu.app/assets/ 53 KB
54 KB 43ms
42ms Image
binary/octet-stream 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/bd9-ipBlock-db70d701.webp

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

db70d701be36cb0afcec5fbf2fcec28f52893cb3fd2ced874c2e1ca6a16e3d99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s05i0wu4vq5m9e4x.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: 7TS9GFQHKG3BN173
age: 137178
alt-svc: h3=":443"; ma=86400
content-length: 54482
x-amz-id-2: S+RtdQTSCmt6nQnEx+/a5+b9hCK4QsMIcisBRtICq4RQ4rTCkJHNwptz1+GtglMUUVAV4+RTUdg=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:47:52 GMT
server: cloudflare
etag: "9d160c2a9d20bde8526cffeb02427ff2"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: binary/octet-stream
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8a2a16cc88fb4044-SIN
expires: Tue, 13 Aug 2024 14:51:05 GMT

GET
H3 200 bd9-service-2132c6b1.svg
qwerpi56k009fluid.nfjk3hu.app/assets/ 3 KB
2 KB 91ms
89ms Image
image/svg+xml 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/bd9-service-2132c6b1.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2132c6b1199447001d06dec07fa72a94b710674fc87120281bbfe2eaab6b8562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s05i0wu4vq5m9e4x.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-request-id: KKMZ1F8S7Z8XF3S8
age: 250354
alt-svc: h3=":443"; ma=86400
x-amz-id-2: Zv3ZY6nn74nXyZeUyDK3tYbm6xq1/4qzbVRiHjI7nXK66bHvVobc8S1Mdhium7jjcoAYXsrCeQg=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:47:52 GMT
server: cloudflare
etag: W/"3af446670f3ea28982c82376e327d071"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: public, max-age=2678400
cf-ray: 8a2a16cc88fd4044-SIN
expires: Tue, 13 Aug 2024 14:51:05 GMT

GET
H3 200 bd9-primary_logo-94aaed50.png
qwerpi56k009fluid.nfjk3hu.app/assets/ 16 KB
17 KB 86ms
86ms Image
image/png 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/bd9-primary_logo-94aaed50.png

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94aaed50f0651a165a80039013d5d56d5ceb60a023702875001a096b1e38c8e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s05i0wu4vq5m9e4x.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: KKMXNRY7PGNHMR42
age: 250354
alt-svc: h3=":443"; ma=86400
content-length: 16696
x-amz-id-2: HCGX8+XjrF1n+4CEstDOL6XDExF1UmnAEmDpFdiaYgIBh3g502lOEjlM5A4xC+xxCJDMRUES7MQ=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:47:52 GMT
server: cloudflare
etag: "8bf949c270162aa5f46f678cc2325d1d"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: public, max-age=2678400
accept-ranges: bytes
cf-ray: 8a2a16cc99014044-SIN
expires: Tue, 13 Aug 2024 14:51:05 GMT

GET
H2 200 favicon.ico
s05i0wu4vq5m9e4x.app/ 707 B
964 B 210ms
209ms Other
image/vnd.microsoft.icon 16.163.251.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s05i0wu4vq5m9e4x.app/favicon.ico
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 16.163.251.42 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-16-163-251-42.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 51f52733becdf015f24066af1255eff945117a995f8b5a3515fe3ab40e617713

Request headers

Referer: https://s05i0wu4vq5m9e4x.app/casino
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
x-amz-version-id: null
last-modified: Tue, 09 Jul 2024 03:51:27 GMT
server: nginx
x-amz-request-id: TC84HNX1QV36M262
etag: "09a4f00d1f882a88efb83e098bd445f6"
content-type: image/vnd.microsoft.icon
content-length: 707
x-amz-id-2: klflA05alyIkcFtSCN1yuLBK+Gx6LjDo8lsuwvPasLdhO/NnyLifF8A8tX1SxjhFVj2wOKuzrwc=

GET
H3 206 temp_video-171d08a4.mp4
qwerpi56k009fluid.nfjk3hu.app/assets/ 6 KB
7 KB 81ms
81ms Media
video/mp4 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/temp_video-171d08a4.mp4

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

171d08a4273625dea9657553180e46645df43f2b14ced5e29b470bd8132dda47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://s05i0wu4vq5m9e4x.app/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
x-amz-request-id: W3XP5T904A547RV5
age: 251692
Content-Range: bytes 0-6237/6238
alt-svc: h3=":443"; ma=86400
Content-Length: 6238
x-amz-id-2: CMS7kjLwjpwyXXtqNGEcXP5WpyNvZnd15554BKYRgeBCxZCr+wybX4DjEx2xEYklH66dd2jmFWY=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:51:08 GMT
server: cloudflare
etag: "d4275dbe32ed8f49a4fbfa98c47537eb"
expect-ct: max-age=86400, enforce
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: video/mp4
cache-control: public, max-age=2678400
cf-ray: 8a2a16cc990c4044-SIN
expires: Tue, 13 Aug 2024 14:51:05 GMT

GET
H3 200 device-list-3c44e804.js Show response
qwerpi56k009fluid.nfjk3hu.app/assets/ 74 KB
17 KB 61ms
60ms Script
application/javascript 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/device-list-3c44e804.js

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fef970be58a3455000217ba6c85bc1b0f476472fff17ae770ee3f227aa6dfa78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin: https://s05i0wu4vq5m9e4x.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-request-id: 63R6AFGMHN4X0AGZ
age: 3789
alt-svc: h3=":443"; ma=86400
x-amz-id-2: PIsADkt4anPqLqGsYrJsTkv6NeAW2WigSQHw1qzJcDoKpuDUYgsvGdALP6SyyKwM4sb3G4tXU1A=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:48:08 GMT
server: cloudflare
etag: W/"94dc1181ca5b36267153a0490f4fb422"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16cd9b284834-SIN
expires: Tue, 13 Aug 2024 14:51:05 GMT

GET
H/1.1 200
OK downloadCheckRegion Show response
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/ 161 B
554 B 1614ms
561ms XHR
application/json 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/downloadCheckRegion?device=undefined
Requested by: Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: istio-envoy /
Resource Hash: 893d261dfacee2334db63363b278d2807bc8d2029e976deb601c1407caa5ab2d

Request headers

browser: Chrome 126.0.0.0
appType: 2
accept-language: zh-cn
time-zone: GMT+08:00
screen: 1600x1200
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://s05i0wu4vq5m9e4x.app/
device: mobile
x-uuid: b231bd15f4f916861d473712f9f7a5d4

Response headers

access-control-allow-origin: https://s05i0wu4vq5m9e4x.app
Date: Sat, 13 Jul 2024 14:51:08 GMT
access-control-allow-credentials: true
server: istio-envoy
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8

OPTIONS
H/1.1 200
OK downloadCheckRegion
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/ 0
0 1943ms
710ms Preflight 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/downloadCheckRegion?device=undefined
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apptype,browser,device,screen,time-zone,x-uuid
Access-Control-Request-Method: GET
Origin: https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jul 2024 14:51:07 GMT
access-control-allow-credentials: true
access-control-allow-headers: accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,pc
access-control-allow-methods: GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app

GET
H2 200 zh_CN Show response
i18n-vd009.0571kowa.com/api/v2/i18n/PROD/diff/fluid/49/62/ 2 KB
2 KB 103ms
103ms XHR
application/json 18.155.68.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://i18n-vd009.0571kowa.com/api/v2/i18n/PROD/diff/fluid/49/62/zh_CN

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.155.68.97 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-155-68-97.sin52.r.cloudfront.net

Software

nginx/1.14.1 /

Resource Hash

1ff3d6cae6615c4ccb17f49070dc7779e7512c4ee7d4d8ca8605e11f90c18f51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
Referer: https://s05i0wu4vq5m9e4x.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
content-encoding: gzip
via: 1.1 dff3fc94ddb54b32b708edf2668b23d2.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.14.1
x-amz-cf-pop: SIN52-P1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
content-length: 1215
x-amz-cf-id: CRwfaPY9sgVBSV9BgTkQn25uHeBMUSPYvFbWrQcnD3c9ghbnqqNHiw==

GET
H3 200 timezone-af45c9c0.js Show response
qwerpi56k009fluid.nfjk3hu.app/assets/ 1 KB
1 KB 30ms
30ms Script
application/javascript 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/timezone-af45c9c0.js

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

736251a8d4a5dc11d223bc75a262b6c85f56dadd076c92fcdf6ba5bc66ad11c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin: https://s05i0wu4vq5m9e4x.app
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
x-amz-request-id: 9W90J8CNK175WCM1
age: 103809
alt-svc: h3=":443"; ma=86400
x-amz-id-2: JYmPQggTly0mW79vPqNlQQfaj0nS5aOUz5eeKCJsDHWcGfnMrDEb1Kan0xTHqzLHZKuZGTPUrII=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:51:11 GMT
server: cloudflare
etag: W/"9c5c277a1f8bcc055ce23f188a16794c"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16cf2d1a4834-SIN
expires: Tue, 13 Aug 2024 14:51:05 GMT

GET
H3 200 timezone_zh-cn-e8c29cd6.json Show response
qwerpi56k009fluid.nfjk3hu.app/assets/ 35 KB
10 KB 171ms
171ms XHR
application/json 104.18.16.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://qwerpi56k009fluid.nfjk3hu.app/assets/timezone_zh-cn-e8c29cd6.json

Requested by

Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8c29cd671d59670858240aa2657077e4516b527c124043cc2c7eae1ecb11ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://s05i0wu4vq5m9e4x.app/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 13 Jul 2024 14:51:05 GMT
x-amz-version-id: null
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: br
x-amz-request-id: TC8AY4C6ZA2AK94C
alt-svc: h3=":443"; ma=86400
x-amz-id-2: 0amG/PUa0KTrNtvdNbl7x8ASwP3/EVBBFHZGbJfIMcIxJg2kpoZZ4xE7P/oheT85ZjzFocF4ZLI=
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 09 Jul 2024 03:51:11 GMT
server: cloudflare
etag: W/"e60f8ea56df39a261145207b9cc23c29"
expect-ct: max-age=86400, enforce
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: ETag
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: public, max-age=2678400
x-frame-options: SAMEORIGIN
cf-ray: 8a2a16cf5d814834-SIN
expires: Tue, 13 Aug 2024 14:51:05 GMT

GET mapping
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/thirdparty/game/currency/ 0
0

OPTIONS
H/1.1 200
OK mapping
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/thirdparty/game/currency/ 0
0 1576ms
508ms Preflight 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/thirdparty/game/currency/mapping?isLogin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apptype,browser,device,screen,time-zone,x-uuid
Access-Control-Request-Method: GET
Origin: https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jul 2024 14:51:07 GMT
access-control-allow-credentials: true
access-control-allow-headers: accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,pc
access-control-allow-methods: GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app

GET config
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/ 0
0

OPTIONS
H/1.1 200
OK config
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/ 0
0 2009ms
842ms Preflight 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/config?terminal=1&isLogin=false
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apptype,browser,device,screen,time-zone,x-uuid
Access-Control-Request-Method: GET
Origin: https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jul 2024 14:51:08 GMT
access-control-allow-credentials: true
access-control-allow-headers: accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,pc
access-control-allow-methods: GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app

GET language
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/ 0
0

OPTIONS
H/1.1 200
OK language
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/ 0
0 2118ms
542ms Preflight 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,apptype,browser,device,pvd,screen,time-zone,x-uuid
Access-Control-Request-Method: GET
Origin: https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jul 2024 14:51:08 GMT
access-control-allow-credentials: true
access-control-allow-headers: accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,sport-token,pvd
access-control-allow-methods: GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app

GET constants
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language/ 0
0

OPTIONS
H/1.1 200
OK constants
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language/ 0
0 2788ms
847ms Preflight 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language/constants
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept-language,apptype,browser,device,pvd,screen,time-zone,x-uuid
Access-Control-Request-Method: GET
Origin: https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jul 2024 14:51:08 GMT
access-control-allow-credentials: true
access-control-allow-headers: accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,sport-token,pvd
access-control-allow-methods: GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app

GET customerService
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/sysmaintenance/ 0
0

OPTIONS
H/1.1 200
OK customerService
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/sysmaintenance/ 0
0 2678ms
669ms Preflight 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/sysmaintenance/customerService
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apptype,browser,device,screen,time-zone,x-uuid
Access-Control-Request-Method: GET
Origin: https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jul 2024 14:51:08 GMT
access-control-allow-credentials: true
access-control-allow-headers: accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,pc
access-control-allow-methods: GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app

GET urls
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/download/app/ 0
0

OPTIONS urls
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/download/app/ 0
0

GET
H/1.1 200
OK urls Show response
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/download/app/ 194 B
587 B 1528ms
526ms XHR
application/json 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/download/app/urls
Requested by: Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: istio-envoy /
Resource Hash: 2e07892920037d041e68fc629ffb2ed96b4f75478b89e1dd3c49538abfdd5c41

Request headers

browser: Chrome 126.0.0.0
appType: 2
accept-language: zh-cn
time-zone: GMT+08:00
screen: 1600x1200
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://s05i0wu4vq5m9e4x.app/
device: mobile
x-uuid: b231bd15f4f916861d473712f9f7a5d4

Response headers

access-control-allow-origin: https://s05i0wu4vq5m9e4x.app
Date: Sat, 13 Jul 2024 14:51:12 GMT
access-control-allow-credentials: true
server: istio-envoy
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8

OPTIONS
H/1.1 200
OK urls
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/download/app/ 0
0 1320ms
855ms Preflight 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/download/app/urls
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apptype,browser,device,screen,time-zone,x-uuid
Access-Control-Request-Method: GET
Origin: https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jul 2024 14:51:11 GMT
access-control-allow-credentials: true
access-control-allow-headers: accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,pc
access-control-allow-methods: GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app

GET
H/1.1 200
OK mapping Show response
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/thirdparty/game/currency/ 3 KB
3 KB 778ms
777ms XHR
application/json 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/thirdparty/game/currency/mapping?isLogin=false
Requested by: Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: istio-envoy /
Resource Hash: c6b71a0dbc3badc40c9224da038e9c3a202eaabef67a466b1f3bf6b4e2cd5a04

Request headers

browser: Chrome 126.0.0.0
appType: 2
accept-language: zh-cn
time-zone: GMT+08:00
screen: 1600x1200
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://s05i0wu4vq5m9e4x.app/
device: mobile
x-uuid: b231bd15f4f916861d473712f9f7a5d4

Response headers

access-control-allow-origin: https://s05i0wu4vq5m9e4x.app
Date: Sat, 13 Jul 2024 14:51:11 GMT
access-control-allow-credentials: true
server: istio-envoy
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK customerService Show response
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/sysmaintenance/ 413 B
807 B 2331ms
2159ms XHR
application/json 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/sysmaintenance/customerService
Requested by: Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: istio-envoy /
Resource Hash: c90dc8612b000e742c2e09fc83a70e15e3c4726f7fca7c5e99da34405b42111d

Request headers

browser: Chrome 126.0.0.0
appType: 2
accept-language: zh-cn
time-zone: GMT+08:00
screen: 1600x1200
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://s05i0wu4vq5m9e4x.app/
device: mobile
x-uuid: b231bd15f4f916861d473712f9f7a5d4

Response headers

access-control-allow-origin: https://s05i0wu4vq5m9e4x.app
Date: Sat, 13 Jul 2024 14:51:13 GMT
access-control-allow-credentials: true
server: istio-envoy
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK language Show response
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/ 197 B
798 B 962ms
640ms XHR
application/json 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language
Requested by: Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: istio-envoy /
Resource Hash: d47d52c5d6bbb7dc7b5f84cd656f1c7045a7c6c32b410a4f5cdbab5fb5ab2d5d

Request headers

pvd: 9
browser: Chrome 126.0.0.0
appType: 2
accept-language: zh_CN
time-zone: GMT+08:00
screen: 1600x1200
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://s05i0wu4vq5m9e4x.app/
device: mobile
x-uuid: b231bd15f4f916861d473712f9f7a5d4

Response headers

Date: Sat, 13 Jul 2024 14:51:11 GMT
server: istio-envoy
access-control-allow-methods: POST, OPTIONS, GET, PUT, DELETE, PATCH
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app
access-control-allow-credentials: true
Connection: keep-alive
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
Content-Length: 197

GET
H/1.1 200
OK config Show response
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/ 697 B
1 KB 1322ms
546ms XHR
application/json 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/config?terminal=1&isLogin=false
Requested by: Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: istio-envoy /
Resource Hash: 6b70bf51bf35e29098d733c22501b33bf98a0662c1545a8aaeece7fea4677b2b

Request headers

browser: Chrome 126.0.0.0
appType: 2
accept-language: zh-cn
time-zone: GMT+08:00
screen: 1600x1200
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://s05i0wu4vq5m9e4x.app/
device: mobile
x-uuid: b231bd15f4f916861d473712f9f7a5d4

Response headers

access-control-allow-origin: https://s05i0wu4vq5m9e4x.app
Date: Sat, 13 Jul 2024 14:51:12 GMT
access-control-allow-credentials: true
server: istio-envoy
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK constants Show response
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language/ 508 B
1 KB 1598ms
635ms XHR
application/json 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language/constants
Requested by: Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: istio-envoy /
Resource Hash: 1096c1c84c459e2c5c99a6f9f9cbf174a1459859ad894e6aff2e7a28b6d62667

Request headers

pvd: 9
browser: Chrome 126.0.0.0
appType: 2
accept-language: zh_CN
time-zone: GMT+08:00
screen: 1600x1200
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://s05i0wu4vq5m9e4x.app/
device: mobile
x-uuid: b231bd15f4f916861d473712f9f7a5d4

Response headers

Date: Sat, 13 Jul 2024 14:51:12 GMT
server: istio-envoy
access-control-allow-methods: POST, OPTIONS, GET, PUT, DELETE, PATCH
Content-Type: application/json; charset=utf-8
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app
access-control-allow-credentials: true
Connection: keep-alive
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
Content-Length: 508

OPTIONS merchantSetting
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/ 0
0

OPTIONS
H/1.1 200
OK agent
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/merchantSetting/ 0
0 931ms
658ms Preflight 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/merchantSetting/agent?device=mobile&currency=CNY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apptype,browser,currency,device,screen,time-zone,x-uuid
Access-Control-Request-Method: GET
Origin: https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jul 2024 14:51:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,pc
access-control-allow-methods: GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app

OPTIONS
H/1.1 200
OK livingCountrySettings
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/ 0
0 1260ms
852ms Preflight 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/livingCountrySettings
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apptype,browser,currency,device,screen,time-zone,x-uuid
Access-Control-Request-Method: GET
Origin: https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jul 2024 14:51:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,pc
access-control-allow-methods: GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app

OPTIONS
H/1.1 200
OK promotionCode
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/agent/ 0
0 1691ms
1170ms Preflight 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/agent/promotionCode
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: apptype,browser,currency,device,screen,time-zone,x-uuid
Access-Control-Request-Method: GET
Origin: https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 0
Date: Sat, 13 Jul 2024 14:51:13 GMT
access-control-allow-credentials: true
access-control-allow-headers: accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,pc
access-control-allow-methods: GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin: https://s05i0wu4vq5m9e4x.app

GET merchantSetting
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/ 0
0

GET
H/1.1 200
OK agent Show response
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/merchantSetting/ 1 KB
2 KB 636ms
636ms XHR
application/json 203.107.62.161
ALIBABA-CN-NET Ha...

General

Check archive.org

Show headers Download Go to

Full URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/merchantSetting/agent?device=mobile&currency=CNY
Requested by: Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software: istio-envoy /
Resource Hash: 8ff81401c1d847d775bd1578c9888913fc4968ac594c897ec6c4cc5277593380

Request headers

currency: CNY
browser: Chrome 126.0.0.0
appType: 2
accept-language: zh-cn
time-zone: GMT+08:00
screen: 1600x1200
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://s05i0wu4vq5m9e4x.app/
device: mobile
x-uuid: b231bd15f4f916861d473712f9f7a5d4

Response headers

access-control-allow-origin: https://s05i0wu4vq5m9e4x.app
Date: Sat, 13 Jul 2024 14:51:13 GMT
access-control-allow-credentials: true
server: istio-envoy
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8

GET livingCountrySettings
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/ 0
0

GET promotionCode
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/agent/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/thirdparty/game/currency/mapping?isLogin=false

Domain: vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/config?terminal=1&isLogin=false

Domain: vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language

Domain: vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language/constants

Domain: vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/sysmaintenance/customerService

Domain: vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/download/app/urls

Domain: vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/download/app/urls

Domain: vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/merchantSetting?device=mobile&currency=CNY

Domain: vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/merchantSetting?device=mobile&currency=CNY

Domain: vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/livingCountrySettings

Domain: vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL: https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/agent/promotionCode

Verdicts & Comments Add Verdict or Comment

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.nfjk3hu.app/	1970-01-20 22:01:24	Name: __cf_bm Value: cFWgGG4U6Lf3ox1OOXp5UAjjGygR5zQwMewoeCY0Kgs-1720882264-1.0.1.1-TXuvmyQR1FUpFNM6L7hnu7VtjUPxVPYxf3ZZ6Utqv.v.WdeFLvwBV_dHphd5592X2Q166_zo5Syqp5hYbsiMTw
			.nfjk3hu.app/	1969-12-31 23:59:59	Name: _cfuvid Value: 8LpZDa0IiqvA5ROh7Y23OMedt.ZWlSanE6wEBQ19V8c-1720882264202-0.0.1.1-604800000

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fa03.app
i18n-vd009.0571kowa.com
qwerpi56k009fluid.nfjk3hu.app
s05i0wu4vq5m9e4x.app
vd009-bhtpeu4xrn-bgp-api.0571kowa.com
vd009-bhtpeu4xrn-bgp-api.0571kowa.com
104.18.16.119
16.163.251.42
18.155.68.97
202.95.12.144
203.107.62.161
00f7cbd2afffd0b96aa4652a79ff2ee2ad6afa39465ae24294c2a21fcb41ec77
0819f7f52433c0e89f68976f9528ae67d49af3f3ff3a1646323aa0c6da75b9fe
1096c1c84c459e2c5c99a6f9f9cbf174a1459859ad894e6aff2e7a28b6d62667
171d08a4273625dea9657553180e46645df43f2b14ced5e29b470bd8132dda47
1ff3d6cae6615c4ccb17f49070dc7779e7512c4ee7d4d8ca8605e11f90c18f51
2132c6b1199447001d06dec07fa72a94b710674fc87120281bbfe2eaab6b8562
2e07892920037d041e68fc629ffb2ed96b4f75478b89e1dd3c49538abfdd5c41
432c7f3dbbb6a7ca50ba18cdc0f3fda8262ce58961e6a51bac17917017f7dfa8
51f52733becdf015f24066af1255eff945117a995f8b5a3515fe3ab40e617713
662574d7f16b53bfc4a725df11c630d32625db17f2bdee9820074904095db9db
6b70bf51bf35e29098d733c22501b33bf98a0662c1545a8aaeece7fea4677b2b
6cbc84030b009a2340f24f56d9f850983a46b4a5e2f2fb111a46c5e2674543ce
736251a8d4a5dc11d223bc75a262b6c85f56dadd076c92fcdf6ba5bc66ad11c5
7b6a1f54e198086396b46e6086b419ce61c788fd41746f1506c079948ccd689a
893d261dfacee2334db63363b278d2807bc8d2029e976deb601c1407caa5ab2d
8ff81401c1d847d775bd1578c9888913fc4968ac594c897ec6c4cc5277593380
94aaed50f0651a165a80039013d5d56d5ceb60a023702875001a096b1e38c8e0
9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b
a3b8ab20e5e5827ad5d23c553d0b341787e840b1cbf63b73c8b01175dbd7f00f
af92a2426666cf50880be9c7f54f25af5fa6953cd3b22b60d9171053bce240d3
b894383ca1f01e315a47e35013c0e65bb6b7798685a39e913182f86889b88968
c6b71a0dbc3badc40c9224da038e9c3a202eaabef67a466b1f3bf6b4e2cd5a04
c90dc8612b000e742c2e09fc83a70e15e3c4726f7fca7c5e99da34405b42111d
d47d52c5d6bbb7dc7b5f84cd656f1c7045a7c6c32b410a4f5cdbab5fb5ab2d5d
d6adb384485ced87476d806c49e79f151f2f2135bb19ef43302bef6bd02c60f4
db70d701be36cb0afcec5fbf2fcec28f52893cb3fd2ced874c2e1ca6a16e3d99
e63dc064cd6275cfcfa04bf5ebab683da7afcc8d37e94fa4b849e59b1370b4a9
e8c29cd671d59670858240aa2657077e4516b527c124043cc2c7eae1ecb11ec9
fef970be58a3455000217ba6c85bc1b0f476472fff17ae770ee3f227aa6dfa78

s05i0wu4vq5m9e4x.app Open in urlscan Pro 16.163.251.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

50 Requests

78 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

5 Countries

701 kBTransfer

2367 kBSize

2 Cookies

0 Outgoing links

Page URL History

Redirected requests

50 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

s05i0wu4vq5m9e4x.app Open in urlscan Pro
16.163.251.42 Public Scan

Screenshot
Live screenshot

Full Image

50
Requests

78 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

5
Countries

701 kB
Transfer

2367 kB
Size

2
Cookies

50 HTTP transactions
0 data transactions