pevi.r4b5u2t.com Open in urlscan Pro
172.65.194.65 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://pevi.r4b5u2t.com/
Submission: On June 18 via api (June 18th 2024, 9:11:00 am UTC) from US — Scanned from DE

Summary HTTP 277 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 7 countries across 25 domains to perform 277 HTTP transactions. The main IP is 172.65.194.65, located in United States and belongs to CLOUDFLARENET, US. The main domain is pevi.r4b5u2t.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 17th 2024. Valid for: a year.

This is the only time pevi.r4b5u2t.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
183	172.65.194.65 172.65.194.65	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	47.254.186.236 47.254.186.236	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
4	18.162.246.23 18.162.246.23	16509 (AMAZON-02) (AMAZON-02)
4	137.220.202.25 137.220.202.25	152194 (CTGSERVER...) (CTGSERVERLIMITED-AS-AP CTG Server Limited)
2	137.220.146.142 137.220.146.142	152194 (CTGSERVER...) (CTGSERVERLIMITED-AS-AP CTG Server Limited)
10	138.113.211.72 138.113.211.72	54994 (ML-1432-5...) (ML-1432-54994)
1	157.240.252.13 157.240.252.13	32934 (FACEBOOK) (FACEBOOK)
1	114.119.189.26 114.119.189.26	136907 (HWCLOUDS-...) (HWCLOUDS-AS-AP HUAWEI CLOUDS)
1	18.245.31.44 18.245.31.44	16509 (AMAZON-02) (AMAZON-02)
1	163.181.92.245 163.181.92.245	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
3	43.152.44.80 43.152.44.80	139341 (ACE-AS-AP...) (ACE-AS-AP ACE)
1	47.246.46.182 47.246.46.182	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	2606:4700::68... 2606:4700::6811:6c1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
277	15

183 172.65.194.65 (United States)

ASN13335 (CLOUDFLARENET, US)

pevi.r4b5u2t.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
oss.pqrst123vip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kses.fq4dwq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bfh.nj1wnu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sslg.r10cx7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kong.rbblr3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
huan.ywm9i5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ying.zv5838.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lkc.cc3hkx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dak.8lf24g.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zng.6a2ex7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cvdn.0075123.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 47.254.186.236 (Frankfurt am Main, Germany)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

stf3v2-268-ppp.oss-accelerate.aliyuncs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.162.246.23 (Hong Kong)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-162-246-23.ap-east-1.compute.amazonaws.com

www.12378945.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.12347089.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 137.220.202.25 (Tokyo, Japan)

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)

hss.b5c6d7e8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hss.ert123vip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 137.220.146.142 (Tokyo, Japan)

ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK)

hss.54123vip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 138.113.211.72 (Canada)

ASN54994 (ML-1432-54994, CA)

hss.dfg123vip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hss.hjk123vip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.252.13 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 114.119.189.26 (Singapore)

ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK)
PTR: ecs-114-119-189-26.compute.hwclouds-dns.com

conn.webpush.theengagelab.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-44.fra56.r.cloudfront.net

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 163.181.92.245 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

sdk.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 43.152.44.80 (Frankfurt am Main, Germany)

ASN139341 (ACE-AS-AP ACE, SG)

riskct.geetest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.246.46.182 (Milan, Italy)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

collect-v6.51.la	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:6c1 (United States)

ASN13335 (CLOUDFLARENET, US)

static.geetest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
122	pqrst123vip.com oss.pqrst123vip.com	5 MB
39	r4b5u2t.com pevi.r4b5u2t.com	1 MB
8	dfg123vip.com hss.dfg123vip.com	5 KB
6	aliyuncs.com stf3v2-268-ppp.oss-accelerate.aliyuncs.com	7 KB
4	geetest.com riskct.geetest.com — Cisco Umbrella Rank: 140534 static.geetest.com — Cisco Umbrella Rank: 34045	50 KB
4	fq4dwq.com kses.fq4dwq.com	761 B
2	51.la sdk.51.la — Cisco Umbrella Rank: 65668 collect-v6.51.la — Cisco Umbrella Rank: 51638	14 KB
2	hjk123vip.com hss.hjk123vip.com	954 B
2	ert123vip.com hss.ert123vip.com	694 B
2	54123vip.com hss.54123vip.com	694 B
2	b5c6d7e8.com hss.b5c6d7e8.com	694 B
2	12347089.com www.12347089.com	694 B
2	12378945.com www.12378945.com	694 B
2	0075123.com cvdn.0075123.com	250 B
2	6a2ex7.com zng.6a2ex7.com	250 B
2	8lf24g.com dak.8lf24g.com	250 B
2	cc3hkx.com lkc.cc3hkx.com	250 B
2	zv5838.com ying.zv5838.com	250 B
2	ywm9i5.com huan.ywm9i5.com	250 B
2	rbblr3.com kong.rbblr3.com	251 B
2	r10cx7.com sslg.r10cx7.com	250 B
2	nj1wnu.com bfh.nj1wnu.com	250 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 205	91 KB
1	fpnpmcdn.net fpnpmcdn.net — Cisco Umbrella Rank: 30680	1014 B
1	theengagelab.com conn.webpush.theengagelab.com — Cisco Umbrella Rank: 110753	342 B
277	25

	Domain	Requested by
122	oss.pqrst123vip.com	pevi.r4b5u2t.com
39	pevi.r4b5u2t.com	pevi.r4b5u2t.com
8	hss.dfg123vip.com	pevi.r4b5u2t.com
6	stf3v2-268-ppp.oss-accelerate.aliyuncs.com	pevi.r4b5u2t.com
4	kses.fq4dwq.com	pevi.r4b5u2t.com
3	riskct.geetest.com	pevi.r4b5u2t.com static.geetest.com
2	hss.hjk123vip.com	pevi.r4b5u2t.com
2	hss.ert123vip.com	pevi.r4b5u2t.com
2	hss.54123vip.com	pevi.r4b5u2t.com
2	hss.b5c6d7e8.com	pevi.r4b5u2t.com
2	www.12347089.com	pevi.r4b5u2t.com
2	www.12378945.com	pevi.r4b5u2t.com
2	cvdn.0075123.com	pevi.r4b5u2t.com
2	zng.6a2ex7.com	pevi.r4b5u2t.com
2	dak.8lf24g.com	pevi.r4b5u2t.com
2	lkc.cc3hkx.com	pevi.r4b5u2t.com
2	ying.zv5838.com	pevi.r4b5u2t.com
2	huan.ywm9i5.com	pevi.r4b5u2t.com
2	kong.rbblr3.com	pevi.r4b5u2t.com
2	sslg.r10cx7.com	pevi.r4b5u2t.com
2	bfh.nj1wnu.com	pevi.r4b5u2t.com
2	connect.facebook.net	pevi.r4b5u2t.com connect.facebook.net
1	static.geetest.com	pevi.r4b5u2t.com
1	collect-v6.51.la	sdk.51.la
1	sdk.51.la	pevi.r4b5u2t.com
1	fpnpmcdn.net	pevi.r4b5u2t.com
1	conn.webpush.theengagelab.com	pevi.r4b5u2t.com
277	27

This site contains no links.

Subject Issuer	Validity	Valid
pevi.r4b5u2t.com Sectigo RSA Domain Validation Secure Server CA	`2024-06-17` - `2025-06-17`	a year	crt.sh
oss.pqrst123vip.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-08` - `2025-05-08`	a year	crt.sh
*.oss-eu-central-1.aliyuncs.com GlobalSign Organization Validation CA - SHA256 - G3	`2024-01-26` - `2025-02-26`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-03-27` - `2024-06-25`	3 months	crt.sh
kses.fq4dwq.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-31` - `2025-05-31`	a year	crt.sh
bfh.nj1wnu.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-29` - `2025-05-29`	a year	crt.sh
sslg.r10cx7.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-29` - `2025-05-29`	a year	crt.sh
kong.rbblr3.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-29` - `2025-05-29`	a year	crt.sh
huan.ywm9i5.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-29` - `2025-05-29`	a year	crt.sh
ying.zv5838.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-29` - `2025-05-29`	a year	crt.sh
lkc.cc3hkx.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-28` - `2025-05-28`	a year	crt.sh
dak.8lf24g.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-28` - `2025-05-28`	a year	crt.sh
zng.6a2ex7.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-28` - `2025-05-28`	a year	crt.sh
cvdn.0075123.com Sectigo RSA Domain Validation Secure Server CA	`2024-05-28` - `2025-05-28`	a year	crt.sh
www.12378945.com R3	`2024-05-24` - `2024-08-22`	3 months	crt.sh
www.12347089.com R3	`2024-05-24` - `2024-08-22`	3 months	crt.sh
hss.b5c6d7e8.com R3	`2024-05-21` - `2024-08-19`	3 months	crt.sh
hss.54123vip.com R3	`2024-05-20` - `2024-08-18`	3 months	crt.sh
hss.ert123vip.com R3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
hss.dfg123vip.com R3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
hss.hjk123vip.com R3	`2024-05-17` - `2024-08-15`	3 months	crt.sh
conn.webpush.theengagelab.com Encryption Everywhere DV TLS CA - G2	`2023-10-09` - `2024-10-08`	a year	crt.sh
fpcdn.io Amazon RSA 2048 M03	`2023-10-10` - `2024-11-08`	a year	crt.sh
*.51.la GlobalSign RSA OV SSL CA 2018	`2024-03-19` - `2025-04-20`	a year	crt.sh
*.geetest.com GeoTrust TLS RSA CA G1	`2024-03-12` - `2025-03-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://pevi.r4b5u2t.com/
Frame ID: AF5D0E560FFCC59AE1908933CF24A6FA
Requests: 276 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

澳门新葡京

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Page Statistics

277
Requests

79 %
HTTPS

14 %
IPv6

25
Domains

27
Subdomains

15
IPs

7
Countries

6627 kB
Transfer

14894 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

277 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
pevi.r4b5u2t.com/ 43 KB
14 KB 1412ms
471ms Document
text/html 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

bfcdd69af88deaee329207457302e3ddde6fb461082c62fee7e07804d6b2288b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

c-type: pf
cache-control: s-maxage=600,public,max-age=0
content-encoding: gzip
content-md5: r2i4e/p7DFCo69Foe3P28g==
content-type: text/html
date: Tue, 18 Jun 2024 09:10:34 GMT
last-modified: Tue, 18 Jun 2024 08:54:28 GMT
rid: cced76c5b5948c3c9e9b874151333dd6
server: gocache
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-cache-status: MISS
x-oss-hash-crc64ecma: 13270172110770663323
x-oss-object-type: Normal
x-oss-request-id: 66714F0A108AF537378B0ACD
x-oss-server-time: 1
x-oss-storage-class: Standard

GET
H2 200 runtime.a781ec1829aecd052d94.js Show response
pevi.r4b5u2t.com/assets/ 41 KB
16 KB 475ms
468ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

9c62b1499a1c42dcf4a61653b7983b540bd000573de0a699b7858bb0b0f601c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0B108AF53737E512CD
content-md5: nUkr5iyx2heyBBWTVKx8Hw==
x-cache-status: MISS
rid: 878a0e11c777537449b85100c1ff45a2
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"9D492BE62CB1DA17B204159354AC7C1F"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 2413039591270154998
x-oss-server-time: 2

GET
H2 200 vendor~cdd60c62.948e7ac2ada7fc25378b.js Show response
pevi.r4b5u2t.com/assets/ 161 KB
49 KB 475ms
469ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/vendor~cdd60c62.948e7ac2ada7fc25378b.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

e3fc400fa4e906282784cd3ada73fca55a160fc88e235d3885ba671e0e44587c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0BC05EDB303711DB53
content-md5: 6keaIm7eiPdSipdoLj5m9w==
x-cache-status: MISS
rid: 529cb6febbd72b4c84bb77768521b49b
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"EA479A226EDE88F7528A97682E3E66F7"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 12516729211121488691
x-oss-server-time: 6

GET
H2 200 vendor~d2eb5610.aa2833113402db7e9461.js Show response
pevi.r4b5u2t.com/assets/ 178 KB
51 KB 548ms
515ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/vendor~d2eb5610.aa2833113402db7e9461.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

9c8f3a924c8e0131a2fd7c9171117bccc975c50130091855a01c914042a4c8e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0BFEEE6A393455B9BA
content-md5: RN5vGTtf/OY7P6D2wylVWA==
x-cache-status: MISS
rid: 71ee6f95a5fee71f18c355c07d0e1202
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"44DE6F193B5FFCE63B3FA0F6C3295558"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 8914712505974508887
x-oss-server-time: 4

GET
H2 200 vendor~5a94f17d.9e26a631eeaa10a4f447.js Show response
pevi.r4b5u2t.com/assets/ 175 KB
53 KB 549ms
516ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/vendor~5a94f17d.9e26a631eeaa10a4f447.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

9041af434ed5779b12f618e94d7ba7ce615d34143f243a425e37e5d12a63a366

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0BFEEE6A363256B9BA
content-md5: FhHJzUlMsEJa7scUayT/eQ==
x-cache-status: MISS
rid: cd4e77d184916526cb3c25f3e555f4f7
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"1611C9CD494CB0425AEEC7146B24FF79"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 15097401627497403321
x-oss-server-time: 4

GET
H2 200 vendor.ant-design-vue~c5d15932.87599af1363e56cf1a0c.js Show response
pevi.r4b5u2t.com/assets/ 237 KB
64 KB 783ms
752ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/vendor.ant-design-vue~c5d15932.87599af1363e56cf1a0c.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

40a57c4f96c3bef9013447a869b2c0bfc112ecaa671779a744b229ce7b374080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0B36F90D37392BCBD3
content-md5: MZOzIUNlz+hppxRMa+PdiQ==
x-cache-status: MISS
rid: 3e4aa9c0e26aaf90413726cbafd97305
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"3193B3214365CFE869A7144C6BE3DD89"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 733788880934548799
x-oss-server-time: 5

GET
H2 200 vendor.ant-design-vue~858e9c75.d52bc62dfccd360b218d.js Show response
pevi.r4b5u2t.com/assets/ 326 KB
85 KB 560ms
529ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/vendor.ant-design-vue~858e9c75.d52bc62dfccd360b218d.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

c8f1e2875f04cc67a72b87fd50a65dd3e30755a0bb38c0e2dd00ccee193f4b18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0BA87B9A353027C144
content-md5: 5BeV//Bk0XVYCp06t3polg==
x-cache-status: MISS
rid: 53f7c8de0f3cc3f92e858223316bef18
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"E41795FFF064D175580A9D3AB77A6896"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 737059335683464012
x-oss-server-time: 6

GET
H2 200 2690.d5bd57ae6dd3ba4ad1ce.js Show response
pevi.r4b5u2t.com/assets/ 263 KB
75 KB 559ms
529ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

d590a067a5e53f9fd175c2208c8868cb1ffa41196c89c7cea571d816fe8c5d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0B5ADBFC3936C21907
content-md5: Ht4LLRBie1nBVPT9eW01YQ==
x-cache-status: MISS
rid: 054f9f8f4f81b5400d65bbe0d6e51c76
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"1EDE0B2D10627B59C154F4FD796D3561"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 6383032219633855322
x-oss-server-time: 5

GET
H2 200 5431.de9e6b9b12124f9b61cd.js Show response
pevi.r4b5u2t.com/assets/ 187 KB
57 KB 560ms
530ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/5431.de9e6b9b12124f9b61cd.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

7bd53601c3d6cdadf1414cc129483dc756fbd455f4592f35b968eea738f3f038

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0B1E3C9237368FF30A
content-md5: MFCMKZFP+/dfrFLkBMVNLg==
x-cache-status: MISS
rid: a653135282c523fb43c6a43129359ca4
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"30508C29914FFBF75FAC52E404C54D2E"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 1113326546081098678
x-oss-server-time: 12

GET
H2 200 main~43dd7041.c829f8fa6fd5dbf99b8e.js Show response
pevi.r4b5u2t.com/assets/ 439 KB
104 KB 556ms
527ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

6584c85e30d61b232bd133c55a68ab62be14da5192df14983500e2b1eb6c674b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0B70888B353947CF9C
content-md5: 3fhkypRJ0GaN41wbwgaSEw==
x-cache-status: MISS
rid: 21454114915ed4a1a2abf244c76ea27e
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"DDF864CA9449D0668DE35C1BC2069213"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 4373759910588096722
x-oss-server-time: 3

GET
H2 200 main~9bf88260.1a7c09afdb8922ddb851.js Show response
pevi.r4b5u2t.com/assets/ 243 KB
73 KB 773ms
754ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

fe9f2b8249572c2cf05dd565684a95c757ab1ce9d3620a7ea14acb29b9dbe732

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0B0900E6303685FF05
content-md5: a0K/jtX2cpsftMoXpD26nA==
x-cache-status: MISS
rid: 4a684dc399e53c8223aebfb213838c45
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"6B42BF8ED5F6729B1FB4CA17A43DBA9C"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 12419107257263579016
x-oss-server-time: 5

GET
H2 200 main~ff90cf7f.30aeb05745333ec06e0f.js Show response
pevi.r4b5u2t.com/assets/ 366 KB
132 KB 782ms
765ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/main~ff90cf7f.30aeb05745333ec06e0f.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

eaa4532ffb0612bc5baf54dae58cfeb25a5a644dbeec379e12cdcf365ec9e202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0BF397E23833C35925
content-md5: aO7HxAdNxILn/Ua8mgRC9Q==
x-cache-status: MISS
rid: 599758996f8fea717d9001c88fde2a52
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"68EEC7C4074DC482E7FD46BC9A0442F5"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 2750078408153372541
x-oss-server-time: 27

GET
H2 200 vendor~aac516cf.34f3c3e2dad616dd450c.css
pevi.r4b5u2t.com/assets/ 495 KB
84 KB 564ms
531ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/vendor~aac516cf.34f3c3e2dad616dd450c.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

fd672d9667d2e65eb0cbc17f8a2e3f3852f54feb1cab530970673f95c64343a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
content-encoding: gzip
x-oss-request-id: 66714F0B048FEF39385963E5
content-md5: 1TaVvsofV2hWSw901E4ATg==
x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
rid: d53a8a250865e3e777d62c72e59cdf13
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 10953150796879738951
x-oss-server-time: 8

GET
H2 200 start.88a84593244c71954f89.css
pevi.r4b5u2t.com/assets/ 56 KB
5 KB 560ms
527ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/start.88a84593244c71954f89.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

38ef2d791b807288b1ee05b9700d3855281fb88730e348bae10cefdcce464e27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
content-encoding: gzip
x-oss-request-id: 66714F0B7732EB3236152CE0
content-md5: 7Sj1s9O3OuEVJz4iO3SW+g==
x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
rid: 749c46048b615f49e4f8e0d111f0ea70
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 5573157750493868036
x-oss-server-time: 5

GET
H2 200 main~31743c5a.4bd5b83456e31c3a8174.css
pevi.r4b5u2t.com/assets/ 282 KB
42 KB 563ms
530ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/main~31743c5a.4bd5b83456e31c3a8174.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

0d6a7f07c7dd8ec74591fbd7e7d579e849fd1de9ff8c7a36381b937fe3c4d544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:35 GMT
content-encoding: gzip
x-oss-request-id: 66714F0B2BFAC73530EA3A90
content-md5: If9Iag2GOvpA/ucUJ0DISw==
x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
rid: b40777e406b2eb4d18e1ac0267ba2bd1
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 9281144315432652467
x-oss-server-time: 5

GET
H2 200 h5icon.ico
oss.pqrst123vip.com/cocos/lg/ 4 KB
5 KB 1381ms
309ms Other
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/cocos/lg/h5icon.ico

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

eabb1c65604b612d86642e8ffa4779ce31aadc0fba5b121d55bd489ffad0b91d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66706698CC39EA8F6ECCFF74
content-md5: 84fNTyQYdgEVWwiEpCiLJQ==
x-cache-status: HIT
content-disposition: attachment
rid: 836cde4d080f72bb59217e4a492de73a
content-length: 4286
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 13 Sep 2023 02:40:59 GMT
server: gocache
etag: "F387CD4F24187601155B0884A4288B25"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 2649857696120726609
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:38 GMT

GET
H2 200 7175.eac90888961060e71443.js Show response
pevi.r4b5u2t.com/assets/ 217 KB
37 KB 391ms
391ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/7175.eac90888961060e71443.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

a0d8c4dffcfae62b0cf302a5a12bf87f55ca9e556962d53984703e01493b4d05

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0EF397E23833DE7725
content-md5: 0uS/BhnZkquFYDS3Fza4Hg==
x-cache-status: MISS
rid: 278ad7892bc1ea38d038c368037d44aa
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"D2E4BF0619D992AB856034B71736B81E"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 974350387650530535
x-oss-server-time: 7

GET
H2 200 home@theme=1.e6627094fabb9410e14b.css
pevi.r4b5u2t.com/assets/ 311 KB
38 KB 587ms
587ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/home@theme=1.e6627094fabb9410e14b.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

25af9eb8d862d5b948801058b5c0ed33f064702e7d6a37c3d289ca82aab2d97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
content-encoding: gzip
x-oss-request-id: 66714F0E70888B353969EF9C
content-md5: lFGRiKJ53KKuxTLM9Qot6Q==
x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
rid: 95d05556a5e0e1abb1c66f82242ba66e
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 5257678374006450129
x-oss-server-time: 18

GET
H2 200 home@theme=1.6aca2cec08f62ca72bd6.js Show response
pevi.r4b5u2t.com/assets/ 131 KB
36 KB 388ms
387ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/home@theme=1.6aca2cec08f62ca72bd6.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

a610e1423cba37e906bdc4393174e0f2094a85bd756845fa48b2549a3a4b1ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0EA87B9A353051DE44
content-md5: jnRXFC75tawMebPdfXtveQ==
x-cache-status: MISS
rid: 803ed0927a73a844bdc7ea311ebffeb3
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"8E7457142EF9B5AC0C79B3DD7D7B6F79"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 8465271819003801551
x-oss-server-time: 3

GET
H2 200 layout@theme=1.ad15056d7a1f3f2197d9.css
pevi.r4b5u2t.com/assets/ 66 KB
11 KB 660ms
660ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/layout@theme=1.ad15056d7a1f3f2197d9.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

726665254f4b0a564a67e5f1de2aabe2038184f4a8a3479c7e0805d139c15bad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
content-encoding: gzip
x-oss-request-id: 66714F0E5ADBFC3936593807
content-md5: WoOY+h3E9+MikUAl7d5JEw==
x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
rid: 28e5c9f8892be3f12d8bfa99d56470ad
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 16404414680397333148
x-oss-server-time: 17

GET
H2 200 layout@theme=1.ea4f6a9ae1eaeaaf26de.js Show response
pevi.r4b5u2t.com/assets/ 88 KB
26 KB 666ms
666ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/layout@theme=1.ea4f6a9ae1eaeaaf26de.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

8f9183c9025e4c8ae4ebfc2895faced5f0a8e2e95eece72e19359e99625ad76f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0E0900E63036AD1D06
content-md5: 6nmNZLLPjNHMAUll2zQ2ig==
x-cache-status: MISS
rid: 48e0f83e81ed2e867da0b3808c719467
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"EA798D64B2CF8CD1CC014965DB34368A"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 6752960531735828692
x-oss-server-time: 19

GET
H2 200 config_data.json Show response
oss.pqrst123vip.com/cocos/ 5 KB
4 KB 1248ms
429ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/cocos/config_data.json?timestamp=1718701837860

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

96e351a9638485b4589773be0b9e993cd5acf66da3a3dcb5c5e67ab6d5c9dca8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
content-encoding: gzip
x-oss-request-id: 66714F0ECC39EA8F6EC5BEB0
content-md5: aOqwWSXeDsIn8DxVDVRZcg==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: 50cd3c6bfea0c04e0c5a6f41f8f35410
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 17 Jun 2024 04:12:41 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 406834923204626356
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 site-i18n-config@zh_CN.44ad51fc3f214d7be4ee.js Show response
pevi.r4b5u2t.com/assets/ 138 KB
44 KB 649ms
649ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/site-i18n-config@zh_CN.44ad51fc3f214d7be4ee.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

d1c0bcf4d49a938c51b7771c663d799f84469ca270514bea16f64dbcbff3963f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0EFEEE6A3632A0D7BA
content-md5: EsDjI5jzwcm3BsYQqb6kpA==
x-cache-status: MISS
rid: 9b790990f3c79dc2fc787466cce06942
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"12C0E32398F3C1C9B706C610A9BEA4A4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 6047822241626444950
x-oss-server-time: 4

GET
H2 200 main.sprites.json Show response
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-11/ 443 KB
299 KB 1347ms
556ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-11/main.sprites.json?manualVersion=1&version=v4.0.350

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

1a56140e21ff5305a82f79038c2a31f44c881143afd153d155a6764f30662066

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
content-encoding: gzip
x-oss-request-id: 66714F0E304E2EE99CC3180D
content-md5: 7rzwTht+reicve83I6MbUA==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: 45c22b8c99830733994686761bb1e315
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 17 Jun 2024 07:47:16 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 384262482766378929
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sprite.svg Show response
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-11/ 768 KB
241 KB 1223ms
433ms XHR
image/svg+xml 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-11/sprite.svg?manualVersion=1&version=v4.0.350

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

89b0ea2ee92cd41d549993994399dc5c84e7bd6843338a012717b83dbaf4aa69

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0EB227D44BDEC69DB1
content-md5: ChdF0p6PoQk4CGrpyCjE4g==
x-cache-status: MISS
content-disposition: attachment
rid: eaa73eeb7730a2ddd1f6069cca970c61
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 07:47:17 GMT
server: gocache
etag: W/"0A1745D29E8FA10938086AE9C828C4E2"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: max-age=86400
x-oss-force-download: true
content-type: image/svg+xml
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 13882690860387710671
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:38 GMT

GET
H2 200 assets.hash.json Show response
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-11/ 90 KB
21 KB 1341ms
555ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-11/assets.hash.json?timestamp=1718701837915

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

a4c9516d748c0eb4dd50a9f10038e1edfbef9fd427c60f827b29f4229b3951d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
content-encoding: gzip
x-oss-request-id: 66714F0EA1B449098DBDAB4A
content-md5: VrBDM2ma3RMRcao+26WMYQ==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: 92ca29bd09efd14b38ef674c5a6de514
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 17 Jun 2024 07:47:16 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 16218055526163793877
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 assets.hash.json Show response
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/1-0/ 849 B
890 B 1341ms
557ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/1-0/assets.hash.json?timestamp=1718701837916

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

7547dfd70de889413591a0a20785888b2ca2af4d3586ca7b3ddf05657a8c67f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0E47CBA4D812C224AF
content-md5: VTdgYk35bn8pWgGdcLsOJA==
content-disposition: attachment
rid: ead5e055c360179d17d056ecada9c2b9
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 17 Jun 2024 09:25:02 GMT
server: gocache
etag: W/"553760624DF96E7F295A019D70BB0E24"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 13275270706196707603
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 style@theme=1.b6ad122194c35521fcc1.css
pevi.r4b5u2t.com/assets/ 625 B
676 B 373ms
366ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/style@theme=1.b6ad122194c35521fcc1.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

c7d5a459ffcef60356d5b15615583d02415604953f0ee15713286bebb69df0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0E0900E63036DF2506
content-md5: jfbT0BMK9KpYEe31CC+kPA==
x-cache-status: MISS
rid: fe8982395955375f36b811150b576dde
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"8DF6D3D0130AF4AA5811EDF5082FA43C"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 3436057668424300108
x-oss-server-time: 3

GET
H2 200 style@theme=1.661c049c29d75cd565b1.js Show response
pevi.r4b5u2t.com/assets/ 151 B
560 B 377ms
370ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/style@theme=1.661c049c29d75cd565b1.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

984a79b5b6ddb61594e3c9774933b4c33196d719d44532d589173ad6886791b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0EFEEE6A3632B9DFBA
content-md5: 9/4yRDwKD7OA8yH1vFb3nw==
x-cache-status: MISS
rid: 4b26531b078ff220f13e174c345329df
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"F7FE32443C0A0FB380F321F5BC56F79F"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 11754132589776546272
x-oss-server-time: 5

GET
H2 200 7842.df52a3f6459a0631f7f4.css
pevi.r4b5u2t.com/assets/ 3 KB
1 KB 387ms
384ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/7842.df52a3f6459a0631f7f4.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

40eddcd1c817b6f3ab2cb6e7056bd7677a54c1ba606519b98808b77a5b9a1026

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
content-encoding: gzip
x-oss-request-id: 66714F0E5ADBFC3936754007
content-md5: 1iLG7pP5sLrJM4p0InzDng==
x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
rid: 1deade4a6e7e17538bfe853b87467f8d
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 8562991875525209075
x-oss-server-time: 11

GET
H2 200 7842.115583e74c628bc9ecbb.js Show response
pevi.r4b5u2t.com/assets/ 386 B
689 B 371ms
368ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/7842.115583e74c628bc9ecbb.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

346a4ff5ce10bfd322f08f8ccee093d645d7039aa813b7f81d4a0c3edc5b5751

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0E70888B3539E7F79C
content-md5: Ez4uJR5WkTJyWMpn4NyWAQ==
x-cache-status: MISS
rid: 985f7e4e2f8ea5f75b723040b67c94f9
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"133E2E251E5691327258CA67E0DC9601"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 12389929537422088664
x-oss-server-time: 3

GET
H2 404 sprite.svg Show response
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/1-0/ 435 B
613 B 493ms
436ms XHR
application/xml 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/1-0/sprite.svg?manualVersion=1&version=v4.0.350

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

3b97f6c480239435610dbf9737fbe8b1f86ed12420c59fbf63f0f8d7b5336e4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0E30CDE347A9BFD321
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
content-type: application/xml
x-oss-ec: 0026-00000001
x-oss-server-time: 2

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/api/lobby/site/getSiteInfo/language/ 3 KB
3 KB 447ms
440ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/api/lobby/site/getSiteInfo/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

e1d1985b7920d77878b813297efb1b8a4ecb9ed7e541e854d048623c86e511bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
content-encoding: gzip
x-oss-request-id: 66714F0EF51E44E33AC1F140
content-md5: uz/7DBI6o8MdRpEFMohLuQ==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: 6c67f75d6e6716b46e0e0b877f59a7ce
x-oss-object-type: Normal
c-type: df
last-modified: Wed, 12 Jun 2024 21:22:54 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 6025646649138008951
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 5.json Show response
oss.pqrst123vip.com/hall/system/status/currency/CNY/language/zh/osType/4/platformType/ 17 KB
12 KB 438ms
431ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/system/status/currency/CNY/language/zh/osType/4/platformType/5.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

ed1a79f3111823e06fe09482a684c250fee3172621779b83d25d86853ea3ae71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
content-encoding: gzip
x-oss-request-id: 66714F0EA251FD3AC5C0B9EB
content-md5: B4wGy6yso2pas+6Pr079Hg==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: bd2de674c963e8255c090291b3c55b3a
x-oss-object-type: Normal
c-type: df
last-modified: Thu, 13 Jun 2024 19:18:30 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 3112848118762159138
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 5.json Show response
oss.pqrst123vip.com/hall/api/lobby/webapi/optimization/site/config/language/zh/platformType/ 12 KB
9 KB 446ms
439ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/api/lobby/webapi/optimization/site/config/language/zh/platformType/5.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

cdeca88d213bee428c18e0e205c64b121044ddafe8c0f8678af3c4caa438b7a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
content-encoding: gzip
x-oss-request-id: 66714F0EDE66931469C398F0
content-md5: R2ALvcUPhRlwclY2dq7kPg==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: beee9a98fccb9ed58c10d71025fbb057
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 17 Jun 2024 12:29:52 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 10813104964218458230
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 404 maintain-time.json Show response
oss.pqrst123vip.com/cocos/ 405 B
596 B 560ms
556ms XHR
application/xml 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/cocos/maintain-time.json?timestamp=1718701838647

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

3530250753291a075849316f2bf09994c23ff599fbe700d623fcb397df673568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0E47CBA4D812C224B1
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
content-type: application/xml
x-oss-ec: 0026-00000001
x-oss-server-time: 1

GET
H2 200 7079.24ce9811c64ddc698883.js Show response
pevi.r4b5u2t.com/assets/ 1 KB
1 KB 380ms
378ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/7079.24ce9811c64ddc698883.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

502d015f4e694e0bf739b4debe595ee005dfca7c16cf0b4b7e9d806014b1303d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0EA87B9A3530A3E744
content-md5: 3p4dVE+y9ztfE+EgOWEgxA==
x-cache-status: MISS
rid: 5140426decdd086c663186f90519db25
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"DE9E1D544FB2F73B5F13E120396120C4"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 16167166293414604447
x-oss-server-time: 12

GET
H2 200 5419.8b85c75646ffe41c2e13.css
pevi.r4b5u2t.com/assets/ 9 KB
2 KB 439ms
438ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/5419.8b85c75646ffe41c2e13.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

4e89748aecccae426b960630a5336069417ffad213d305d29c261bff0f6f09c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
content-encoding: gzip
x-oss-request-id: 66714F0EF397E23833198125
content-md5: EJgvNTCqzGpy0fYAAxjiKA==
x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
rid: db4476d38685bf3845deb087a424e5e8
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 15636462324424733967
x-oss-server-time: 64

GET
H2 200 5419.11d4aac64544eb337186.js Show response
pevi.r4b5u2t.com/assets/ 29 KB
12 KB 396ms
396ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/5419.11d4aac64544eb337186.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

3ad7a15ea5ec8fe0ee49ee9073499d277de96e403d38ed1bd135d64ef0a1b3d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0E1E3C923736861A0B
content-md5: zvXNeFB5I/ThuRimILvZcw==
x-cache-status: MISS
rid: bac2fceeed2cb0f4732f2666ed643a16
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"CEF5CD78507923F4E1B918A620BBD973"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 11853279872516398344
x-oss-server-time: 21

GET
H2 200 3203.2e8c51ab96414f42aa6f.js Show response
pevi.r4b5u2t.com/assets/ 4 KB
2 KB 399ms
399ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/3203.2e8c51ab96414f42aa6f.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

b9659119a3c7b13f8d4ac0449275295fa84d46614c5dcfb159b2de90a153ecc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0EFEEE6A3934B8E0BA
content-md5: GERkBtX+WxFpXfCl5+FSkw==
x-cache-status: MISS
rid: 6f09cc044edf23d0917ac5d6c4bbd09e
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"18446406D5FE5B11695DF0A5E7E15293"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 7577109430836309712
x-oss-server-time: 31

GET
H2 200 6311.b7fc00cc2e35ba6924ef.css
pevi.r4b5u2t.com/assets/ 7 KB
2 KB 384ms
383ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/6311.b7fc00cc2e35ba6924ef.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

c8a2ea77c506d68eddea1a27762f83809b32e487d95434d6845095cd921f9917

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
content-encoding: gzip
x-oss-request-id: 66714F0E36F90D373940F0D3
content-md5: J9srEfF8t0HMNy7pN2yt3w==
x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
rid: 65b966d87ea9ea8ebf8472d4211a8b10
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 13974744449496413855
x-oss-server-time: 15

GET
H2 200 6311.2d5ec7d1cdbba2b585f5.js Show response
pevi.r4b5u2t.com/assets/ 5 KB
2 KB 382ms
380ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/6311.2d5ec7d1cdbba2b585f5.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

82341aee16d2541d507623f4727ac54ef4776400e97522941d1358c41008fe03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0EC05EDB30372B0354
content-md5: xnLc5FlXGKwKMPWtNzR9Tw==
x-cache-status: MISS
rid: 3514b8e6193febe181ff89d69edc7853
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"C672DCE4595718AC0A30F5AD37347D4F"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 186983545884135276
x-oss-server-time: 15

GET
H2 200 3123.1a76be986785be0c2744.css
pevi.r4b5u2t.com/assets/ 3 KB
1 KB 400ms
398ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/3123.1a76be986785be0c2744.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

4d77e01d895472fc4f8c33c607913d30912de963501c566f178f5a9c7998adfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
content-encoding: gzip
x-oss-request-id: 66714F0E048FEF39387E88E5
content-md5: jcmpSoPaWucb8Xtrx7xsfw==
x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
rid: 183cb96c510a22a726b7ccc88e4b561f
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 3114555271504268530
x-oss-server-time: 35

GET
H2 200 3123.58076876679f6115286e.js Show response
pevi.r4b5u2t.com/assets/ 6 KB
2 KB 403ms
401ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/3123.58076876679f6115286e.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

b2dfa19bd98ab4a9fddb1f7adf1a9299e10fb349738bef1f2889083abb9855e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0E0900E63036DD2606
content-md5: pSDWjSkobKeoUP3kfRaZZQ==
x-cache-status: MISS
rid: 180d7898273587a16b222527e0e3263a
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"A520D68D29286CA7A850FDE47D169965"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 5931352540268371703
x-oss-server-time: 35

GET
H2 200 1256.4f7307e1d86b07d1aa6f.css
pevi.r4b5u2t.com/assets/ 530 B
673 B 366ms
366ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/1256.4f7307e1d86b07d1aa6f.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

62ee1198cf40758a2d3a919eaf275b832b609b9660a3aae7dfc836026a79feb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0EFEEE6A3632CBE0BA
content-md5: WX5/hBQk+VNils9zSXoetA==
x-cache-status: MISS
rid: 51b1b03c26c2fd88c166dce309e1b8c3
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"597E7F841424F9536296CF73497A1EB4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 13405930401309480728
x-oss-server-time: 1

GET
H2 200 1256.d45118cec4fa1107ba99.js Show response
pevi.r4b5u2t.com/assets/ 970 B
985 B 391ms
390ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/1256.d45118cec4fa1107ba99.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

481dde1414f9a9996cf35cdb7a7fa412adc6b6d41569c9552718e1362da342e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0E70888B3539EEF89C
content-md5: 4YbltJVpkffClPr4RVnQnA==
x-cache-status: MISS
rid: e997bde63278a894dd013296e9c7c4fb
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"E186E5B4956991F7C294FAF84559D09C"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 1999045581184865396
x-oss-server-time: 22

GET
H2 200 3915.56b398dd65d90d63cf92.css
pevi.r4b5u2t.com/assets/ 4 KB
1 KB 410ms
409ms Stylesheet
text/css 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/3915.56b398dd65d90d63cf92.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

3f1e8b18f11e7a4e47b35dc8927a915a2aa622d2a93af5033da1bce413c6be4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
content-encoding: gzip
x-oss-request-id: 66714F0E5ADBFC3936B84107
content-md5: KK25t/jc/Std6sEz4HIvhA==
x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
rid: a354bee59e2511bd0d277d0e697fc5fb
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 10239323282974809638
x-oss-server-time: 26

GET
H2 200 3915.60f7929adf491513cd99.js Show response
pevi.r4b5u2t.com/assets/ 6 KB
3 KB 457ms
457ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/3915.60f7929adf491513cd99.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

890bf4ff46b24c5b1e44fd81d5ce3b3f9a76c58345ca6d1596eac50786c24c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0E2BFAC735300D6390
content-md5: aSwBM3eLqHOWz6MgDTR6Jw==
x-cache-status: MISS
rid: e126a6281cff7560ba0ccc7e871d2923
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"692C0133778BA87396CFA3200D347A27"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 8107677207782668190
x-oss-server-time: 35

GET
H2 200 5653.fb2610961c5561191d55.js Show response
pevi.r4b5u2t.com/assets/ 2 KB
1 KB 439ms
439ms Script
text/javascript 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/5653.fb2610961c5561191d55.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

73fd95c83b36d3aa1c0a2fe9125bada591ed02b7408b9c26ebb1b983a0908938

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0E7732EB32363155E0
content-md5: p4Jmqh7MAhxRm3/JzAzHQQ==
x-cache-status: MISS
rid: f06e04d837af972584bebd8ab4d917aa
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"A78266AA1ECC021C519B7FC9CC0CC741"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 12653181380647423898
x-oss-server-time: 43

GET
H2 200 apng_top_jr.png Show response
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/web/ 189 KB
190 KB 401ms
400ms XHR
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/web/apng_top_jr.png?manualVersion=1&version=v4.0.350

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

332d6fe2aba96bf3c0f54ce0ba9c0065a56eef9c9de603b2e06891b0ee660a73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0F43AE61287DC0C320
content-md5: Yi1yMAX7dUMDtnYNUojoKg==
x-cache-status: MISS
content-disposition: attachment
rid: 53fd35fe86e69b0e1be59d5c7669074a
content-length: 193274
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:25:30 GMT
server: gocache
etag: "622D723005FB754303B6760D5288E82A"
vary: Origin
access-control-allow-methods: GET, POST, HEAD, PUT
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 200
cache-control: max-age=86400
x-oss-ec: 0048-00000110
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-force-download: true
x-oss-hash-crc64ecma: 12696213559466336965
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H/1.1 200
OK bg_pattern_tile2.png
stf3v2-268-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/172/common-0/common/ 1 KB
2 KB 1130ms
711ms Image
image/png 47.254.186.236
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stf3v2-268-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/172/common-0/common/bg_pattern_tile2.png?manualVersion=1&version=v4.0.350
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.186.236 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: fa68ce6d277ff0178c8d35c410529d2f98ba5a26ad633994012a79f7f0a77033

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 09:10:40 GMT
x-oss-request-id: 66714F0FA251FD3AC5C0BAF7
Content-MD5: Ln2OlPalSrh/G6TvZtnjFQ==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 1270
x-oss-object-type: Normal
Last-Modified: Mon, 17 Jun 2024 09:23:03 GMT
Server: AliyunOSS
ETag: "2E7D8E94F6A54AB87F1BA4EF66D9E315"
Vary: Origin
Content-Type: image/png
x-oss-ec: 0048-00000110
Cache-Control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8575340938974993105
x-oss-server-time: 1

GET
H2 200 default.json Show response
oss.pqrst123vip.com/hall/active/isShowV2/ 684 B
1 KB 531ms
507ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/active/isShowV2/default.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

543b76bf419a268865d87f465f3dc452d99362933b7ebfe2cdad56b57a2721e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0F5943073251C977E6
content-md5: CsiJei3BrGSCH2oEXmu12g==
content-disposition: attachment
rid: 5de370c89b71c24189d9af0cd7665e0f
x-oss-object-type: Normal
c-type: df
last-modified: Fri, 14 Jun 2024 17:22:00 GMT
server: gocache
etag: W/"0AC8897A2DC1AC64821F6A045E6BB5DA"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 12303419640213461375
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 4.json Show response
oss.pqrst123vip.com/hall/home/maxChargeRate/currency/CNY/osType/ 88 B
725 B 535ms
511ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/home/maxChargeRate/currency/CNY/osType/4.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

a31b03f3d83bfaa85831436a8a5e8bef8576f0e26d31cbaf4c92585178e0a3f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0FCD3972AC48CA3D0C
content-md5: VwjMOpi1+yAxK5g4L6RqIQ==
content-disposition: attachment
rid: c86ee62de6230ff4003f697318b7a3e2
x-oss-object-type: Normal
c-type: df
last-modified: Tue, 18 Jun 2024 09:08:30 GMT
server: gocache
etag: W/"5708CC3A98B5FB20312B98382FA46A21"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 11472452684446057509
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/api/game/hall/listPlatformCateLoadV2/currency/CNY/language/ 21 KB
15 KB 538ms
513ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/api/game/hall/listPlatformCateLoadV2/currency/CNY/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

49fe0570b8edeb12cd849ef1349b667383db8508ddf2c82a1cead88b4071873c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
content-encoding: gzip
x-oss-request-id: 66714F0FDE66931469C39943
content-md5: QHh4Y6hQ0d/9Bqs0BJYZjA==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: 655b5404a665714403365a76bda63e2c
x-oss-object-type: Normal
c-type: df
last-modified: Tue, 18 Jun 2024 05:01:49 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 8961213734393497976
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/api/game/hall/listExtLinkV2/currency/CNY/language/ 128 B
753 B 533ms
509ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/api/game/hall/listExtLinkV2/currency/CNY/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

049175f56194ed5fdf1d1c0ab1ab11c5da6cd4984200fbc8af3bed3813c6915f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0FCC39EA8F6EC5BF03
content-md5: HmJwTm9VOHgof6a1jPAGnw==
content-disposition: attachment
rid: 76dd1280963eb7c614ebf90aea117e36
x-oss-object-type: Normal
c-type: df
last-modified: Tue, 11 Jun 2024 16:00:02 GMT
server: gocache
etag: W/"1E62704E6F553878287FA6B58CF0069F"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 14489945541117474148
x-oss-server-time: 1
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 CNY.json Show response
oss.pqrst123vip.com/hall/api/game/hall/listVirtualBonusPoolV2/currency/ 128 B
752 B 526ms
513ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/api/game/hall/listVirtualBonusPoolV2/currency/CNY.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

06a56034a35d3fb45ca74845c053079d232dcbc5567abb7ad5b0a60617fc518f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F0FA1B449098DBDABAC
content-md5: rKzxjJLq6fvdad5Suadp4w==
content-disposition: attachment
rid: 2148157d4610e4c9d43c59be03ee1b71
x-oss-object-type: Normal
c-type: df
last-modified: Tue, 11 Jun 2024 16:00:02 GMT
server: gocache
etag: W/"ACACF18C92EAE9FBDD69DE52B9A769E3"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 8782988309461130455
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/active/category/currency/CNY/language/ 78 KB
46 KB 525ms
514ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/active/category/currency/CNY/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

3fd353cfc097c53020bae7e5e1155b7190710b442d38f435f5c5e5421621143e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
content-encoding: gzip
x-oss-request-id: 66714F0F5943073251C977F6
content-md5: oImGxisg0SbdJsNoVoYb+w==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: fa77f5935c35092711b7e4feef06683d
x-oss-object-type: Normal
c-type: df
last-modified: Fri, 14 Jun 2024 20:24:00 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 11601329282370736770
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/api/game/hall/hotListV2/currency/CNY/language/ 4 KB
4 KB 821ms
812ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/api/game/hall/hotListV2/currency/CNY/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

43b028982ebaa83bf333bcb2be1706e5d9f8640238f673b15f1c3b6838ebf77f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
content-encoding: gzip
x-oss-request-id: 66714F0F95F22B3F17C0BC52
content-md5: a9PbbHUh1Ac+CR7wGh4iTg==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: 1bb35b4df0a85bd13f6bd0f0af066bc5
x-oss-object-type: Normal
c-type: df
last-modified: Tue, 18 Jun 2024 04:58:15 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 15395300211782565750
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 10.json Show response
oss.pqrst123vip.com/hall/message/all/index/currency/CNY/language/zh/list/0/marqueePage/1/marqueeSize/ 3 KB
3 KB 820ms
811ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/message/all/index/currency/CNY/language/zh/list/0/marqueePage/1/marqueeSize/10.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

dd56b2eeb91319d35a2944cde303b3b3ff768bc9838ce8881015d6915a304b83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
content-encoding: gzip
x-oss-request-id: 66714F0FB227D44BDEC69E6D
content-md5: GnwProvbmGmqMSg7fUra4w==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: 66bdc71ecfe11280c716779b51bbd320
x-oss-object-type: Normal
c-type: df
last-modified: Tue, 18 Jun 2024 08:31:30 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 11368009940008239872
x-oss-server-time: 4
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 h5_zs_jr.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 3 KB
4 KB 538ms
526ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/h5_zs_jr.webp?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

0a7ff3b6cf4f4238f9bb37ff6456db8b6a111aec803e9c6628e48b99cc9c9a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0FB227D44BDEC69E78
content-md5: 4bVrbkDMJSj9QNZCYOWooQ==
x-cache-status: MISS
content-disposition: attachment
rid: 9a0d75ad4dedb59c336a49dc157db136
content-length: 3106
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:23:03 GMT
server: gocache
etag: "E1B56B6E40CC2528FD40D64260E5A8A1"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 15895384099272374355
x-oss-server-time: 5
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 h5_zs_jr3.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 44 B
594 B 535ms
524ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/h5_zs_jr3.webp?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

7ee18766441fe9b689a58fe39c47fb865e545c83b247b4a24eb8965ba948fe79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0FB227D44BDEC69E77
content-md5: wyh/SIcntmomXMwpK5NRqA==
x-cache-status: MISS
content-disposition: attachment
rid: 363ece30c37ec594589b5e3f709b6855
content-length: 44
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:23:53 GMT
server: gocache
etag: "C3287F488727B66A265CCC292B9351A8"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 14949001379604372144
x-oss-server-time: 3
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 h5_zs_jr2.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 3 KB
4 KB 415ms
405ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/h5_zs_jr2.webp?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

ae8b89461f8047826153619a6de4628de87a62db4042db5674e237894848f218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0F5943073251C97851
content-md5: 7z/O+cUFVlmZYeCaqFOIuw==
x-cache-status: MISS
content-disposition: attachment
rid: 3ee7e02c31aa887107bc021910ad675f
content-length: 3198
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:23:53 GMT
server: gocache
etag: "EF3FCEF9C50556599961E09AA85388BB"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 7618037644260435149
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 bg_pattern_tile.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common-0/common/ 1004 B
2 KB 418ms
409ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common-0/common/bg_pattern_tile.webp?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

2c7899a3ad617e8fa5c3507b677466d7ede10a65ec431a44e648aa82880463d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0F9A4636ED71C1789A
content-md5: xWTxL4Kl6zlsittuwSSEJQ==
x-cache-status: MISS
content-disposition: attachment
rid: d37eb7eb13a8c5d6be4e0b366ef1a12d
content-length: 1004
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:25:02 GMT
server: gocache
etag: "C564F12F82A5EB396C8ADB6EC1248425"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16822963298037146832
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 icon_btm_jr.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 6 KB
7 KB 526ms
519ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/icon_btm_jr.webp?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

b61d41b5cbf124bbf9700a53277b0105cedb1ec89e6e7d457480aaa4681d20f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0F9A4636ED71C1789B
content-md5: L0W1tOx/cuZSLdPYPBu11A==
x-cache-status: MISS
content-disposition: attachment
rid: cb68d65c1e01183dc2831b3c7486c9d2
content-length: 6476
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:23:53 GMT
server: gocache
etag: "2F45B5B4EC7F72E6522DD3D83C1BB5D4"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16967752731087654909
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 icon_btm_jr3.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 46 B
594 B 423ms
416ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/icon_btm_jr3.webp?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

22ea7f15509824e86aa0900e5d5f5301734214443ee2f415a6011b94f2bfa821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0F522E162793C268D6
content-md5: HohA6ZwLkoRpfTEGlSvBiA==
x-cache-status: MISS
content-disposition: attachment
rid: 006f9cb6288584f77be0753b4cb286d8
content-length: 46
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:25:02 GMT
server: gocache
etag: "1E8840E99C0B9284697D3106952BC188"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 4974923758475718639
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 icon_btm_jr2.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 6 KB
6 KB 427ms
420ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/icon_btm_jr2.webp?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

1198d0cecb4a383da7ce4641be9d65d11581bdda0ace71d439802580989a768e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0FCC39EA8F6EC5BF6E
content-md5: u0CSAX3c4SxL8a53CTo1zQ==
x-cache-status: MISS
content-disposition: attachment
rid: 3583650d31bec56c58ff1acf8a2c4368
content-length: 5918
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:25:02 GMT
server: gocache
etag: "BB4092017DDCE12C4BF1AE77093A35CD"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 2851756953495932665
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET icon_dt_pmd.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-common/web/home/ 0
0

GET
H2 200 btn_zc1_jr2.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 3 KB
3 KB 527ms
521ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/btn_zc1_jr2.webp?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

021f986ea1c3df961261e3869e0b9d81a6584b083640abb62686a61c6ba83978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0F522E162793C268D7
content-md5: REXnL0QLcYhmkdZVk414Tw==
x-cache-status: MISS
content-disposition: attachment
rid: e68f3a1ca12e3d78a1bff3a55ed5f3da
content-length: 2980
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:23:53 GMT
server: gocache
etag: "4445E72F440B71886691D655938D784F"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 13973447739048899761
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 btn_zc1_jr.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 2 KB
2 KB 528ms
522ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/btn_zc1_jr.webp?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

f6e91d2f19b978c3c2306e6fac1af644685575beff1a608d2dab10bbfb4a118d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0F304E2EE99CC318CB
content-md5: KQKU3Cz6L5nTxISAR8M2tA==
x-cache-status: MISS
content-disposition: attachment
rid: db5fcacf2720c80a5e0b01f1c1b231bd
content-length: 1876
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:23:03 GMT
server: gocache
etag: "290294DC2CFA2F99D3C4848047C336B4"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 12949118896802727598
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 btn_zc1_1.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-11/web/common/ 1 KB
2 KB 535ms
529ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-11/web/common/btn_zc1_1.webp?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

81fa2fd58df999535da8d6290a18abae4f51142f581d1bbcb8981f9f1ce41082

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0F1AC7F9BA9BC465EE
content-md5: tAkYUNycMPDjITWAx1oLUQ==
x-cache-status: MISS
content-disposition: attachment
rid: 3f9a22cf327882d388cb565bfbfd8960
content-length: 1396
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 07:47:17 GMT
server: gocache
etag: "B4091850DC9C30F0E3213580C75A0B51"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 2820812520913775051
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 icon_dtfl_rm_1.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/ 2 KB
3 KB 535ms
530ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_rm_1.webp?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

beb78d667055fdefa9a9e19a5dfdfb8abdda09d643e24db1daef79673a712222

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0FA251FD3AC5C0BAB3
content-md5: Rcnc18vTmPdSLGVGpaberQ==
x-cache-status: MISS
content-disposition: attachment
rid: 38072d4afdf2d8b579623a9527efe9dd
content-length: 2302
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 07:47:17 GMT
server: gocache
etag: "45C9DCD7CBD398F7522C6546A5A6DEAD"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 3451730334228747403
x-oss-server-time: 21
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
DATA 200
OK truncated
/ 70 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44d5041f007d30a9b7079bd3a42ef6da96c4cda10a25b1bcc5a0a6f92b0aadcc

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/customer/getWebTrans/language/ 658 KB
413 KB 649ms
618ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/customer/getWebTrans/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

718c2ee6f3ad762eee0fb4316d59ed3aaa3d63e89b8746fa147a327fe46c3490

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
content-encoding: gzip
x-oss-request-id: 66714F0F47CBA4D812C225C2
content-md5: NYTlEbLddBjP24uhr5tnYA==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: 82f41ab612bf12ce4f1a31d81a3a4f98
x-oss-object-type: Normal
c-type: df
last-modified: Tue, 18 Jun 2024 08:49:10 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 9559123237100954838
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
4 KB 194ms
65ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

1ca7491cc98904d00033ed6f612c49bae0c55abd110de054d9fc0a8dd2c713b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Jun 2024 09:10:39 GMT
content-md5: 1snpfBvrdZKiYumr1FoJlw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1685
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=38, rtx=0, c=12, mss=1297, tbw=2793, tp=-1, tpl=-1, uplat=0, ullat=-1
x-fb-debug: mcPQzKUbGmDe0I4/gddpbf5pX0LiXOcgtqBwJKVnv+c5e0EkymgHxJr5AozaRVF2dg4z8+vkXR6zdWKXRDrKWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 0cd63ce0b18c523a39c5c918233d6cdd
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "f071e6974a93fc5852ad9cd18fa5337e"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Tue, 18 Jun 2024 09:13:09 GMT

GET
H2 200 1698149475411931137.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 85 KB
86 KB 354ms
347ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1698149475411931137.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

146bfddc1f7780dd25cf722ca1b53dd75bfbdca3763ce39cfefbd001467afd92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669BAB8200A5E1CCE9EE
content-md5: XpskIUlzrBuUe61lLpGnoA==
x-cache-status: HIT
content-disposition: attachment
rid: 9ee0531e9f11e39968ada2217551ead3
content-length: 87081
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 13 Sep 2023 02:41:02 GMT
server: gocache
etag: "5E9B24214973AC1B947BAD652E91A7A0"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 1186589850380825719
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1774589736844242945.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 170 KB
171 KB 474ms
468ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1774589736844242945.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

ea9cd306c49d379289c34125209828d3a1141e8bbb252eb585678a006578b0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669BDE66931469CAC735
content-md5: 5s08+UMnAwadh9WIT4L7pg==
x-cache-status: HIT
content-disposition: attachment
rid: c5e72a3d1444832f0b4d6b3da36ab49b
content-length: 174065
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 01 Apr 2024 00:08:58 GMT
server: gocache
etag: "E6CD3CF9432703069D87D5884F82FBA6"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 10912157329755276372
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1746055967778111490.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 264 KB
265 KB 475ms
468ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1746055967778111490.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

4e3bf3e916f836283cc24fd3c0802fcaebe05cbc71d0af4167b34e5b46496629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669BEA47EC12EDC83A6B
content-md5: bZdw0wykb5KdG71/7K+oSg==
x-cache-status: HIT
content-disposition: attachment
rid: cbf0ba8c4bd6f137bc085daf47c75ab2
content-length: 270718
x-oss-object-type: Normal
c-type: st
last-modified: Sat, 13 Jan 2024 06:26:01 GMT
server: gocache
etag: "6D9770D30CA46F929D1BBD7FECAFA84A"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 17487916349111890634
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1746056378918895617.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 217 KB
218 KB 475ms
469ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1746056378918895617.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

893cdd7dfe26424cfd71c4836a058d5d8f81503eee3f4434cb4981d8914f2caf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669BF51E44E33AC96E3C
content-md5: iJjsXj2ajNIccQMB83lzFQ==
x-cache-status: HIT
content-disposition: attachment
rid: 2a8f68419476687cd1b8e7a8107edd38
content-length: 222318
x-oss-object-type: Normal
c-type: st
last-modified: Sat, 13 Jan 2024 06:27:39 GMT
server: gocache
etag: "8898EC5E3D9A8CD21C710301F3797315"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 3768732719639567890
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1746061137960763394.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 151 KB
152 KB 474ms
468ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1746061137960763394.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

ef31b2ea46dff3569158dd9825606a6db525e12ee3ff63e6db40660f7a3af546

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669BEA47EC12EDC83A88
content-md5: fCarrJ7BDoZX2PR0A1Uf2Q==
x-cache-status: HIT
content-disposition: attachment
rid: 7c618ea351ed5eeda096374377eeaedf
content-length: 154444
x-oss-object-type: Normal
c-type: st
last-modified: Sat, 13 Jan 2024 06:46:34 GMT
server: gocache
etag: "7C26ABAC9EC10E8657D8F47403551FD9"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 11835810261704427615
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1746072372283527169.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 211 KB
212 KB 475ms
469ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1746072372283527169.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

f4d059d677b8a3536c708646dde04e44e75bffcd29d4888a2e1d037ecbb31191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669B522E162793C987DC
content-md5: WDaca5ur2lv8CbH4s7+gXw==
x-cache-status: HIT
content-disposition: attachment
rid: 18c8a178b52ac902a6bd05f869b0c047
content-length: 216007
x-oss-object-type: Normal
c-type: st
last-modified: Sat, 13 Jan 2024 07:31:12 GMT
server: gocache
etag: "58369C6B9BABDA5BFC09B1F8B3BFA05F"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 1109334669608030253
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1796131816683909122.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 108 KB
108 KB 475ms
470ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1796131816683909122.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

cb465dfdc49522b2eb387961c80e5cfe2f4800c4f42bf0ef79a7b614e5fc1daf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669C43AE61287DC80C5C
content-md5: N4o4UUFLo6OYpG53xBHXVw==
x-cache-status: HIT
content-disposition: attachment
rid: 1479b83cd216bb731f0779b1056ea7bd
content-length: 110296
x-oss-object-type: Normal
c-type: st
last-modified: Thu, 30 May 2024 10:49:33 GMT
server: gocache
etag: "378A3851414BA3A398A46E77C411D757"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 1658518269728675812
x-oss-server-time: 4
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1711088005856980994.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 93 KB
94 KB 475ms
470ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1711088005856980994.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

cc90a96fb3c15662a9669fab339c31f494d7c15503d1e6a05bc01b4745e9f3b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669CFA4CB66D77C922F7
content-md5: Zj6kf3d0SLqtBlL6svnPmg==
x-cache-status: HIT
content-disposition: attachment
rid: c538d7c48fc4f591714e43a01a0bcb35
content-length: 95569
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 08 Oct 2023 18:35:48 GMT
server: gocache
etag: "663EA47F777448BAAD0652FAB2F9CF9A"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5235808356581618059
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1698158752461197313.png
oss.pqrst123vip.com/siteadmin/upload/img/ 138 KB
138 KB 480ms
475ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1698158752461197313.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

44a0da0181d730ed0112ebe3c14982e678877a7abc7f1f5c9cdb81b6516f53b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669DF51E44E33AC970CB
content-md5: J6mjyOxujz6lLBQY4fCM5g==
x-cache-status: HIT
content-disposition: attachment
rid: a4256b5e85ae2066be7dbca035b1b27c
content-length: 140986
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 13 Sep 2023 02:41:02 GMT
server: gocache
etag: "27A9A3C8EC6E8F3EA52C1418E1F08CE6"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 15668246467058927280
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1719510492229898241.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 80 KB
81 KB 479ms
475ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1719510492229898241.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

2f4abcc66b5a48ad54c9017a2730508861519c7221d8d851896a9ced02a80ed2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669D30CDE347A9C6916A
content-md5: dcXfBjzZ3E6iLLGG94csrA==
x-cache-status: HIT
content-disposition: attachment
rid: 9c2584defb47573b3e707c5fb7d3559d
content-length: 82351
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 01 Nov 2023 00:23:45 GMT
server: gocache
etag: "75C5DF063CD9DC4EA22CB186F7872CAC"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16761674019227337094
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1723221784367685634.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 164 KB
165 KB 479ms
476ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1723221784367685634.jpg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

0f3a49c384d66f7dbd41085fdffca7cf6ee8b1c53951e8541ebe31faf67c1f29

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669D304E2EE99CCA076C
content-md5: 6WNFA0Fc6tGLkQl9VQvymA==
x-cache-status: HIT
content-disposition: attachment
rid: eb7c15297a3c054e6f27b025dc4d1d9b
content-length: 168243
x-oss-object-type: Normal
c-type: st
last-modified: Sat, 11 Nov 2023 06:11:06 GMT
server: gocache
etag: "E9634503415CEAD18B91097D550BF298"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 10243654178772794291
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H/1.1 404
Not Found sprite.svg Show response
stf3v2-268-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/172/1-0/ 430 B
843 B 782ms
603ms XHR
application/xml 47.254.186.236
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://stf3v2-268-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/172/1-0/sprite.svg?manualVersion=1&version=v4.0.350
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.186.236 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: d4dfa5f4be8bab46d661def70d28696d4dd1f5ea97993d5b33c2d10406ff1fd4

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 09:10:40 GMT
x-oss-request-id: 66714F10A251FD3AC5C0BB70
Server: AliyunOSS
Vary: Origin
Access-Control-Allow-Methods: GET, POST, HEAD, PUT
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Etag
Access-Control-Max-Age: 200
x-oss-ec: 0026-00000001
Connection: keep-alive
Content-Length: 430
x-oss-server-time: 2

GET
H2 200 webPushSdk.min.2.1.0.js Show response
pevi.r4b5u2t.com/libs/webPush@2.1.0/ 100 KB
0 608ms
608ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/libs/webPush@2.1.0/webPushSdk.min.2.1.0.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

a69fa3ccd6ccc8b251dc3609f2c4a2c399e3f94f4583ad590db81c9622cc305d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F0F7732EB3236F25FE0
content-md5: LHKIIdWAqcpFnIhIzYtj4w==
x-cache-status: MISS
rid: 633e5a008761c6b29909f109553dc8d9
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"2C728821D580A9CA459C8848CD8B63E3"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 8677893404008255392
x-oss-server-time: 6

GET
H2 200 1639603964032897026.png
oss.pqrst123vip.com/siteadmin/upload/img/ 7 KB
8 KB 517ms
474ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1639603964032897026.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

05a501bf1cb58c7cbace657a93d36a1885bb037d59392d5e92d0a26d6008a253

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669A1AC7F9BA9BCB0F07
content-md5: WnRLeOXyJFTdnNTissIDeg==
x-cache-status: HIT
content-disposition: attachment
rid: f84f74e1fd293f32c08b27a65f39bab2
content-length: 7411
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 13 Sep 2023 02:41:02 GMT
server: gocache
etag: "5A744B78E5F22454DD9CD4E2B2C2037A"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 14938941920938573689
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:40 GMT

GET
H2 200 comm_icon_gou.svg Show response
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/common/web/common/ 413 B
909 B 388ms
385ms XHR
image/svg+xml 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/common/web/common/comm_icon_gou.svg?mode=mask&manualVersion=1&version=v4.0.350

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

4b4877375a7af765e2fa097e240b7051b28ca8133929ee7d44c49fedb8231591

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F1047CBA4D812C226A7
content-md5: RGnO11iVHKK2qu2jVLqKeA==
x-cache-status: MISS
content-disposition: attachment
rid: 976867ac71dca917d78557a8da0ce076
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 18 Jun 2024 02:56:30 GMT
server: gocache
etag: W/"4469CED758951CA2B6AAEDA354BA8A78"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: max-age=86400
x-oss-force-download: true
content-type: image/svg+xml
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 16332130678314105
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:40 GMT

GET
BLOB 200
OK 069056b0-58a1-4099-88bf-e33d41435eb2
https://pevi.r4b5u2t.com/ 291 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/069056b0-58a1-4099-88bf-e33d41435eb2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11ab086ecf551fac5e40f679015920b951e055581370d47dff8c9b84165fb476

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 298476
Content-Type: image/png

GET
H/1.1 404
Not Found maintain-time.json Show response
stf3v2-268-ppp.oss-accelerate.aliyuncs.com/cocos/ 400 B
813 B 332ms
246ms XHR
application/xml 47.254.186.236
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://stf3v2-268-ppp.oss-accelerate.aliyuncs.com/cocos/maintain-time.json?timestamp=1718701840308
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.186.236 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: a782e55d00ab511f2640007b4eefe67a4a27073ccb7ded80139ad7d1e078080e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 09:10:40 GMT
x-oss-request-id: 66714F1095F22B3F17C0BD5F
Server: AliyunOSS
Vary: Origin
Access-Control-Allow-Methods: GET, POST, HEAD, PUT
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Etag
Access-Control-Max-Age: 200
x-oss-ec: 0026-00000001
Connection: keep-alive
Content-Length: 400
x-oss-server-time: 2

GET
H/1.1 200
OK bg_pattern_tile2.png
stf3v2-268-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/172/common-0/common/ 1 KB
2 KB 228ms
228ms Image
image/png 47.254.186.236
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stf3v2-268-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/172/common-0/common/bg_pattern_tile2.png?manualVersion=1&version=7d2b50edc6
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.186.236 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: fa68ce6d277ff0178c8d35c410529d2f98ba5a26ad633994012a79f7f0a77033

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 09:10:40 GMT
x-oss-request-id: 66714F1099D9D610B8C246F1
Content-MD5: Ln2OlPalSrh/G6TvZtnjFQ==
Content-Disposition: attachment
Connection: keep-alive
Content-Length: 1270
x-oss-object-type: Normal
Last-Modified: Mon, 17 Jun 2024 09:23:03 GMT
Server: AliyunOSS
ETag: "2E7D8E94F6A54AB87F1BA4EF66D9E315"
Vary: Origin
Content-Type: image/png
x-oss-ec: 0048-00000110
Cache-Control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
Accept-Ranges: bytes
x-oss-hash-crc64ecma: 8575340938974993105
x-oss-server-time: 1

GET
H2 200 h5icon.ico
oss.pqrst123vip.com/cocos/lg/ 4 KB
0 1ms
0ms Other
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://oss.pqrst123vip.com:9002/cocos/lg/h5icon.ico
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: eabb1c65604b612d86642e8ffa4779ce31aadc0fba5b121d55bd489ffad0b91d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:38 GMT
x-oss-request-id: 66706698CC39EA8F6ECCFF74
content-md5: 84fNTyQYdgEVWwiEpCiLJQ==
x-cache-status: HIT
content-disposition: attachment
rid: 836cde4d080f72bb59217e4a492de73a
content-length: 4286
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 13 Sep 2023 02:40:59 GMT
server: gocache
etag: "F387CD4F24187601155B0884A4288B25"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 2649857696120726609
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:38 GMT

GET
H2 200 piaspeed.png Show response
kses.fq4dwq.com/ 2 B
250 B 1416ms
295ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kses.fq4dwq.com:9006/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 0c0284220f8ab7df792ba940af48d5ed
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
bfh.nj1wnu.com/ 2 B
250 B 1386ms
282ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bfh.nj1wnu.com/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 3ca4d2f6179b166e751582157b7d11cb
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
sslg.r10cx7.com/ 2 B
250 B 1312ms
294ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sslg.r10cx7.com:9002/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: ac151d59eadb28e257f403acd8d2d8f6
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
kong.rbblr3.com/ 2 B
251 B 1383ms
300ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kong.rbblr3.com:8090/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 06a73d4faebbb5b589c887a4d75dff18
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
huan.ywm9i5.com/ 2 B
250 B 1298ms
282ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://huan.ywm9i5.com:9007/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 7995d65e981863963f5c0ae63cdeb064
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
ying.zv5838.com/ 2 B
250 B 1403ms
299ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ying.zv5838.com:9090/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 6d59f6dd648c1829f071761b21a0e07d
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
lkc.cc3hkx.com/ 2 B
250 B 1381ms
299ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lkc.cc3hkx.com:9020/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 1091b25cf5e779939c8bb8ff29a88c97
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
dak.8lf24g.com/ 2 B
250 B 1247ms
267ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dak.8lf24g.com:9009/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 0f64bba6d2f5b627d16374b27797971e
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
zng.6a2ex7.com/ 2 B
250 B 1235ms
255ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zng.6a2ex7.com:9090/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 254b40b83f489541a6bf9cda540e805e
content-length: 2
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 piaspeed.png Show response
cvdn.0075123.com/ 2 B
250 B 1355ms
305ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cvdn.0075123.com:9010/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: f7e69685500e5f1e861b3cac2322a916
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H/1.1 200
OK piaspeed.png Show response
www.12378945.com/ 2 B
365 B 1201ms
348ms Fetch
image/png 18.162.246.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12378945.com:9006/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.162.246.23 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-162-246-23.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 07:08:54 GMT
Last-Modified: Tue, 18 Jun 2024 07:08:54 GMT
Server: nginx
ETag: "1718694534"
Access-Control-Max-Age: 3600
X-Cache: HIT, policy, disk
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
Content-Length: 2

GET
H/1.1 200
OK piaspeed.png Show response
www.12347089.com/ 2 B
365 B 1199ms
348ms Fetch
image/png 18.162.246.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12347089.com:9002/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.162.246.23 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-162-246-23.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 06:01:10 GMT
Last-Modified: Tue, 18 Jun 2024 06:01:10 GMT
Server: nginx
ETag: "1718690470"
Access-Control-Max-Age: 3600
X-Cache: HIT, policy, disk
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
Content-Length: 2

GET
H/1.1 200
OK piaspeed.png Show response
hss.b5c6d7e8.com/ 2 B
365 B 1158ms
312ms Fetch
image/png 137.220.202.25
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.b5c6d7e8.com:9004/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.220.202.25 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 09:35:46 GMT
Last-Modified: Mon, 17 Jun 2024 09:35:46 GMT
Server: nginx
ETag: "1718616946"
Access-Control-Max-Age: 3600
X-Cache: HIT, policy, disk
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
Content-Length: 2

GET
H/1.1 200
OK piaspeed.png Show response
hss.54123vip.com/ 2 B
365 B 927ms
279ms Fetch
image/png 137.220.146.142
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.54123vip.com:9003/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.220.146.142 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 10:17:46 GMT
Last-Modified: Mon, 17 Jun 2024 10:17:46 GMT
Server: nginx
ETag: "1718619466"
Access-Control-Max-Age: 3600
X-Cache: HIT, policy, disk
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
Content-Length: 2

GET
H/1.1 200
OK piaspeed.png Show response
hss.ert123vip.com/ 2 B
365 B 1110ms
284ms Fetch
image/png 137.220.202.25
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.ert123vip.com:8090/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.220.202.25 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 09:28:37 GMT
Last-Modified: Mon, 17 Jun 2024 09:28:37 GMT
Server: nginx
ETag: "1718616517"
Access-Control-Max-Age: 3600
X-Cache: HIT, policy, disk
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
Content-Length: 2

GET
H/1.1 200
OK piaspeed.png Show response
hss.dfg123vip.com/ 2 B
477 B 714ms
350ms Fetch
image/png 138.113.211.72
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.dfg123vip.com/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 09:10:41 GMT
Via: 1.1 ianxun22:6 (W), 1.1 PS-AMS-01QkJ103:9 (W)
Access-Control-Max-Age: 3600
X-Ws-Request-Id: 66714f11_PS-AMS-01QkJ103_28125-39092
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
X-Px: ms PS-AMS-01QkJ103AMS,ms ianxun22HKG(origin)
Connection: keep-alive
X-SafeLine-Ray: f7b45368e6e7bfe5-ONE
Content-Length: 2

GET
H/1.1 200
OK piaspeed.png Show response
hss.hjk123vip.com/ 2 B
477 B 1897ms
1490ms Fetch
image/png 138.113.211.72
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.hjk123vip.com/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 09:10:42 GMT
Via: 1.1 ianxun22:6 (W), 1.1 PS-AMS-01QkJ103:9 (W)
Access-Control-Max-Age: 3600
X-Ws-Request-Id: 66714f11_PS-AMS-01QkJ103_26016-63505
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
X-Px: ms PS-AMS-01QkJ103AMS,ms ianxun22HKG(origin)
Connection: keep-alive
X-SafeLine-Ray: f7b45368e6e7bfe5-ONE
Content-Length: 2

GET
H2 200 icon_dt_pmd.png
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-common/web/home/ 660 B
1 KB 416ms
411ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-common/web/home/icon_dt_pmd.png?manualVersion=1&version=v4.0.350

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

79273aa0fe5c98f6e79c6e58b8dff3c7135f099bc5925830ae0f924ca8da847c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F1143AE61287DC0C5AE
content-md5: eCod9HORWmGcJWUShuvkQw==
x-cache-status: MISS
content-disposition: attachment
rid: e740cd83c62739bbf46aabfbf4f0e8fa
content-length: 660
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 07:47:18 GMT
server: gocache
etag: "782A1DF473915A619C25651286EBE443"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 14606254484637566941
x-oss-server-time: 3
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 btn_zc1_1.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-11/web/common/ 1 KB
0 3ms
3ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-11/web/common/btn_zc1_1.webp?manualVersion=1&version=v4.0.350
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 81fa2fd58df999535da8d6290a18abae4f51142f581d1bbcb8981f9f1ce41082

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 66714F0F1AC7F9BA9BC465EE
content-md5: tAkYUNycMPDjITWAx1oLUQ==
x-cache-status: MISS
content-disposition: attachment
rid: 3f9a22cf327882d388cb565bfbfd8960
content-length: 1396
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 07:47:17 GMT
server: gocache
etag: "B4091850DC9C30F0E3213580C75A0B51"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 2820812520913775051
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
DATA 200
OK truncated
/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd77baf5c92b4d189707bc93e6eb78d6bbc43f24a13ff5ee90c84763e690229f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 19 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90e152337c4e1fc4485d5ee6d51aaf7f1287eb1561b86e6dcf678de7ea00bf20

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icon_dtfl_rm_1.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/ 2 KB
0 1ms
1ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_rm_1.webp?manualVersion=1&version=v4.0.350
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: beb78d667055fdefa9a9e19a5dfdfb8abdda09d643e24db1daef79673a712222

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 66714F0FA251FD3AC5C0BAB3
content-md5: Rcnc18vTmPdSLGVGpaberQ==
x-cache-status: MISS
content-disposition: attachment
rid: 38072d4afdf2d8b579623a9527efe9dd
content-length: 2302
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 07:47:17 GMT
server: gocache
etag: "45C9DCD7CBD398F7522C6546A5A6DEAD"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 3451730334228747403
x-oss-server-time: 21
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1698149475411931137.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 85 KB
0 2ms
1ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1698149475411931137.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 146bfddc1f7780dd25cf722ca1b53dd75bfbdca3763ce39cfefbd001467afd92

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 6670669BAB8200A5E1CCE9EE
content-md5: XpskIUlzrBuUe61lLpGnoA==
x-cache-status: HIT
content-disposition: attachment
rid: 9ee0531e9f11e39968ada2217551ead3
content-length: 87081
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 13 Sep 2023 02:41:02 GMT
server: gocache
etag: "5E9B24214973AC1B947BAD652E91A7A0"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 1186589850380825719
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1774589736844242945.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 170 KB
0 0ms
0ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1774589736844242945.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: ea9cd306c49d379289c34125209828d3a1141e8bbb252eb585678a006578b0cf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 6670669BDE66931469CAC735
content-md5: 5s08+UMnAwadh9WIT4L7pg==
x-cache-status: HIT
content-disposition: attachment
rid: c5e72a3d1444832f0b4d6b3da36ab49b
content-length: 174065
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 01 Apr 2024 00:08:58 GMT
server: gocache
etag: "E6CD3CF9432703069D87D5884F82FBA6"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 10912157329755276372
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 h5_zs_jr.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 3 KB
4 KB 394ms
394ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/h5_zs_jr.webp?manualVersion=1&version=d4f3e92264

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

0a7ff3b6cf4f4238f9bb37ff6456db8b6a111aec803e9c6628e48b99cc9c9a94

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F1147CBA4D812C22864
content-md5: 4bVrbkDMJSj9QNZCYOWooQ==
x-cache-status: MISS
content-disposition: attachment
rid: 6c784150ef6c0fc4cf2c57ee1eb2f347
content-length: 3106
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:23:03 GMT
server: gocache
etag: "E1B56B6E40CC2528FD40D64260E5A8A1"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 15895384099272374355
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 h5_zs_jr2.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 3 KB
4 KB 395ms
395ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/h5_zs_jr2.webp?manualVersion=1&version=7176f28a4a

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

ae8b89461f8047826153619a6de4628de87a62db4042db5674e237894848f218

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F11DE66931469C39C80
content-md5: 7z/O+cUFVlmZYeCaqFOIuw==
x-cache-status: MISS
content-disposition: attachment
rid: 4926eed647b67a23d80ab75a4e0ffeae
content-length: 3198
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:23:53 GMT
server: gocache
etag: "EF3FCEF9C50556599961E09AA85388BB"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 7618037644260435149
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 bg_pattern_tile.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common-0/common/ 1004 B
2 KB 443ms
442ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common-0/common/bg_pattern_tile.webp?manualVersion=1&version=ca24d45cf3

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

2c7899a3ad617e8fa5c3507b677466d7ede10a65ec431a44e648aa82880463d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F112FD31717EBC17B55
content-md5: xWTxL4Kl6zlsittuwSSEJQ==
x-cache-status: MISS
content-disposition: attachment
rid: 64fbbadc6b4992fd1b68a02c4ecd1247
content-length: 1004
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:25:02 GMT
server: gocache
etag: "C564F12F82A5EB396C8ADB6EC1248425"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16822963298037146832
x-oss-server-time: 12
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 icon_btm_jr.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 6 KB
7 KB 398ms
398ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/icon_btm_jr.webp?manualVersion=1&version=8f98fddb78

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

b61d41b5cbf124bbf9700a53277b0105cedb1ec89e6e7d457480aaa4681d20f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F11B227D44BDEC6A12C
content-md5: L0W1tOx/cuZSLdPYPBu11A==
x-cache-status: MISS
content-disposition: attachment
rid: fd85c0a7a62c5f3cda5598014aabe394
content-length: 6476
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:23:53 GMT
server: gocache
etag: "2F45B5B4EC7F72E6522DD3D83C1BB5D4"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16967752731087654909
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 icon_btm_jr3.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 46 B
595 B 397ms
397ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/icon_btm_jr3.webp?manualVersion=1&version=9e8b4abbf9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

22ea7f15509824e86aa0900e5d5f5301734214443ee2f415a6011b94f2bfa821

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F113AD49796AEC0CE6F
content-md5: HohA6ZwLkoRpfTEGlSvBiA==
x-cache-status: MISS
content-disposition: attachment
rid: afb167cd76e37982b0aca1d276d6ff8c
content-length: 46
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:25:02 GMT
server: gocache
etag: "1E8840E99C0B9284697D3106952BC188"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 4974923758475718639
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 icon_btm_jr2.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 6 KB
6 KB 401ms
401ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/icon_btm_jr2.webp?manualVersion=1&version=432335505e

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

1198d0cecb4a383da7ce4641be9d65d11581bdda0ace71d439802580989a768e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F11EA47EC12EDC15412
content-md5: u0CSAX3c4SxL8a53CTo1zQ==
x-cache-status: MISS
content-disposition: attachment
rid: 0ed47e5b04a5b375c1666a19ac136aaf
content-length: 5918
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:25:02 GMT
server: gocache
etag: "BB4092017DDCE12C4BF1AE77093A35CD"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 2851756953495932665
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 btn_zc1_jr2.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 3 KB
3 KB 402ms
401ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/btn_zc1_jr2.webp?manualVersion=1&version=b09c80cd1c

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

021f986ea1c3df961261e3869e0b9d81a6584b083640abb62686a61c6ba83978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F11522E162793C26B7A
content-md5: REXnL0QLcYhmkdZVk414Tw==
x-cache-status: MISS
content-disposition: attachment
rid: e2c6fa5026c6b3f83a8fbb61ee5fa50f
content-length: 2980
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:23:53 GMT
server: gocache
etag: "4445E72F440B71886691D655938D784F"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 13973447739048899761
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 btn_zc1_jr.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/festival/172/common/common/ 2 KB
2 KB 399ms
398ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/common/common/btn_zc1_jr.webp?manualVersion=1&version=a59ae3039b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

f6e91d2f19b978c3c2306e6fac1af644685575beff1a608d2dab10bbfb4a118d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F111AC7F9BA9BC4683E
content-md5: KQKU3Cz6L5nTxISAR8M2tA==
x-cache-status: MISS
content-disposition: attachment
rid: f6ece6acfd9d7ff0472b3837f5380098
content-length: 1876
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 09:23:03 GMT
server: gocache
etag: "290294DC2CFA2F99D3C4848047C336B4"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 12949118896802727598
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 btn_zc1_2.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-11/web/common/ 274 B
814 B 302ms
301ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-11/web/common/btn_zc1_2.webp?manualVersion=1&version=37a8db1496

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

9109e1734503ef7599c738349c730363cfc899bada4822154c54b649af634358

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F855A1B449098D57C9B0
content-md5: a1Lrvwhdg9Eq71C/x/roag==
x-cache-status: HIT
content-disposition: attachment
rid: c0d7cbdbb4fdf6210c9e1e978d4adf27
content-length: 274
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 07:47:16 GMT
server: gocache
etag: "6B52EBBF085D83D12AEF50BFC7FAE86A"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 4012115856245719216
x-oss-server-time: 4
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 icon_dtfl_dz_1.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/ 3 KB
3 KB 301ms
301ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-common/common/_sprite/icon_dtfl_dz_1.webp?manualVersion=1&version=4986151e69

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

673acff7c1de96eca6522bcd8f83b7d8484a4aec6c096b09a32ce102ec851568

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F855AB8200A5E15FD5EA
content-md5: BLcE2IkxP7m9/y0M8dWDTw==
x-cache-status: HIT
content-disposition: attachment
rid: 5f8a354c2d28fba905ab9f353924c5bd
content-length: 2716
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 07:47:17 GMT
server: gocache
etag: "04B704D889313FB9BDFF2D0CF1D5834F"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 2483379052426249027
x-oss-server-time: 8
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H/1.1 404
Not Found sprite.svg Show response
stf3v2-268-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/172/1-0/ 430 B
843 B 251ms
251ms XHR
application/xml 47.254.186.236
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://stf3v2-268-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/172/1-0/sprite.svg?manualVersion=1&version=v4.0.350
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.186.236 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: 36fb43a79a169eb49d42062b2cf0146985d86fc9a7fef14f7a105401f7947cd1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 09:10:41 GMT
x-oss-request-id: 66714F11DE66931469C39C70
Server: AliyunOSS
Vary: Origin
Access-Control-Allow-Methods: GET, POST, HEAD, PUT
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Etag
Access-Control-Max-Age: 200
x-oss-ec: 0026-00000001
Connection: keep-alive
Content-Length: 430
x-oss-server-time: 1

GET
H/1.1 404
Not Found maintain-time.json Show response
stf3v2-268-ppp.oss-accelerate.aliyuncs.com/cocos/ 400 B
813 B 245ms
244ms XHR
application/xml 47.254.186.236
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://stf3v2-268-ppp.oss-accelerate.aliyuncs.com/cocos/maintain-time.json?timestamp=1718701841567
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 47.254.186.236 Frankfurt am Main, Germany, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: AliyunOSS /
Resource Hash: e7de4d9a448af46ba48c0c860e9e1addf8c6f3214cd0af75a3eb0b0c3015c91f

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 09:10:41 GMT
x-oss-request-id: 66714F11522E162793C26B6D
Server: AliyunOSS
Vary: Origin
Access-Control-Allow-Methods: GET, POST, HEAD, PUT
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Etag
Access-Control-Max-Age: 200
x-oss-ec: 0026-00000001
Connection: keep-alive
Content-Length: 400
x-oss-server-time: 1

GET
H2 200 8325.672ba7471721aec62ba0.js Show response
pevi.r4b5u2t.com/assets/ 7 KB
0 413ms
413ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/8325.672ba7471721aec62ba0.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

b31400b92b43fdecb3da3189faec45089551743cf463580d058b517bc7356c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F117732EB32361773E0
content-md5: ErqHoZrJNfY6fi/XHeDXwQ==
x-cache-status: MISS
rid: a66d95fc9e73512f5f8170891ace93f3
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"12BA87A19AC935F63A7E2FD71DE0D7C1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 1706046265055939337
x-oss-server-time: 24

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/promote/config/agentMode/language/ 152 B
775 B 378ms
378ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/promote/config/agentMode/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

2c95d4a30c4a4f2a3ec721a50d4a2d0331a82399d89a074bc402c4042a897fcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F112FD31717EBC17B6E
content-md5: 3vSOdn6CB2qdnL77827jLA==
content-disposition: attachment
rid: ae26842641b9b52d6274ebda728dcf03
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 10 Jun 2024 10:08:00 GMT
server: gocache
etag: W/"DEF48E767E82076A9D9CBEFBF36EE32C"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 8961484270249764191
x-oss-server-time: 3
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 footer@theme=1.cb7c6322293210194a0a.css
pevi.r4b5u2t.com/assets/ 6 KB
0 373ms
373ms Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/footer@theme=1.cb7c6322293210194a0a.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

32e3ae899ed5a52cfc5be2703b684947b5474aa8e176c79e2c2793169c157d4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F112BFAC73530D78290
content-md5: yuDRwDJQGQD5Umb+KmJbCQ==
x-cache-status: MISS
rid: 3f382dc5d6f63d85c5cbe144e33bef36
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 986240778728940696
x-oss-server-time: 4

GET
H2 200 footer@theme=1.33a661aeedf7f6b40783.js Show response
pevi.r4b5u2t.com/assets/ 3 KB
0 394ms
394ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/footer@theme=1.33a661aeedf7f6b40783.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

e685a3e2626b5be478fef0d889ffbe20174ff240f6dd5d1bccd3228bb62e5f58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F11F397E23833C8A125
content-md5: oy79dn9cPixRVcMaCDAs0A==
x-cache-status: MISS
rid: 2518308ac593a7cbfb80f95837a9454b
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"A32EFD767F5C3E2C5155C31A08302CD0"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 9290218106079527736
x-oss-server-time: 22

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/api/lobby/footerConfig/getInfo/language/ 4 KB
3 KB 376ms
376ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/api/lobby/footerConfig/getInfo/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

dfdef2e56930d6d979c33351a95649af40149c9545f86345fac6eefa5f3313f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
content-encoding: gzip
x-oss-request-id: 66714F11522E162793C26BA6
content-md5: VmlQTJ+qfQFjr13dHQmxvg==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: de9ba2b1b40024723145e3884d4ca288
x-oss-object-type: Normal
c-type: df
last-modified: Thu, 13 Jun 2024 19:16:24 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 17985251351351992899
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/api/lobby/aboutUs/index/getInfo/language/ 60 KB
46 KB 381ms
381ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/api/lobby/aboutUs/index/getInfo/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

566f82c189aae0d0314cf3c7ed37118ea83ec8dfec0248d725c50f2c40d32f17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
content-encoding: gzip
x-oss-request-id: 66714F11A251FD3AC5C0BD43
content-md5: QHyMODe8zmWWAJ9NZEQkkw==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: 5633df0550c393471416f43120c06024
x-oss-object-type: Normal
c-type: df
last-modified: Sat, 08 Jun 2024 04:06:01 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 10400845813659422626
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 1746072372283527169.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 211 KB
0 0ms
0ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1746072372283527169.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: f4d059d677b8a3536c708646dde04e44e75bffcd29d4888a2e1d037ecbb31191

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 6670669B522E162793C987DC
content-md5: WDaca5ur2lv8CbH4s7+gXw==
x-cache-status: HIT
content-disposition: attachment
rid: 18c8a178b52ac902a6bd05f869b0c047
content-length: 216007
x-oss-object-type: Normal
c-type: st
last-modified: Sat, 13 Jan 2024 07:31:12 GMT
server: gocache
etag: "58369C6B9BABDA5BFC09B1F8B3BFA05F"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 1109334669608030253
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1796131816683909122.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 108 KB
0 1ms
1ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1796131816683909122.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: cb465dfdc49522b2eb387961c80e5cfe2f4800c4f42bf0ef79a7b614e5fc1daf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 6670669C43AE61287DC80C5C
content-md5: N4o4UUFLo6OYpG53xBHXVw==
x-cache-status: HIT
content-disposition: attachment
rid: 1479b83cd216bb731f0779b1056ea7bd
content-length: 110296
x-oss-object-type: Normal
c-type: st
last-modified: Thu, 30 May 2024 10:49:33 GMT
server: gocache
etag: "378A3851414BA3A398A46E77C411D757"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 1658518269728675812
x-oss-server-time: 4
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1711088005856980994.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 93 KB
0 0ms
0ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1711088005856980994.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: cc90a96fb3c15662a9669fab339c31f494d7c15503d1e6a05bc01b4745e9f3b1

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 6670669CFA4CB66D77C922F7
content-md5: Zj6kf3d0SLqtBlL6svnPmg==
x-cache-status: HIT
content-disposition: attachment
rid: c538d7c48fc4f591714e43a01a0bcb35
content-length: 95569
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 08 Oct 2023 18:35:48 GMT
server: gocache
etag: "663EA47F777448BAAD0652FAB2F9CF9A"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5235808356581618059
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1746055967778111490.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 264 KB
0 0ms
0ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1746055967778111490.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 4e3bf3e916f836283cc24fd3c0802fcaebe05cbc71d0af4167b34e5b46496629

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 6670669BEA47EC12EDC83A6B
content-md5: bZdw0wykb5KdG71/7K+oSg==
x-cache-status: HIT
content-disposition: attachment
rid: cbf0ba8c4bd6f137bc085daf47c75ab2
content-length: 270718
x-oss-object-type: Normal
c-type: st
last-modified: Sat, 13 Jan 2024 06:26:01 GMT
server: gocache
etag: "6D9770D30CA46F929D1BBD7FECAFA84A"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 17487916349111890634
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1746056378918895617.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 217 KB
0 0ms
0ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1746056378918895617.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 893cdd7dfe26424cfd71c4836a058d5d8f81503eee3f4434cb4981d8914f2caf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 6670669BF51E44E33AC96E3C
content-md5: iJjsXj2ajNIccQMB83lzFQ==
x-cache-status: HIT
content-disposition: attachment
rid: 2a8f68419476687cd1b8e7a8107edd38
content-length: 222318
x-oss-object-type: Normal
c-type: st
last-modified: Sat, 13 Jan 2024 06:27:39 GMT
server: gocache
etag: "8898EC5E3D9A8CD21C710301F3797315"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 3768732719639567890
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1746061137960763394.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 151 KB
0 0ms
0ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1746061137960763394.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: ef31b2ea46dff3569158dd9825606a6db525e12ee3ff63e6db40660f7a3af546

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 6670669BEA47EC12EDC83A88
content-md5: fCarrJ7BDoZX2PR0A1Uf2Q==
x-cache-status: HIT
content-disposition: attachment
rid: 7c618ea351ed5eeda096374377eeaedf
content-length: 154444
x-oss-object-type: Normal
c-type: st
last-modified: Sat, 13 Jan 2024 06:46:34 GMT
server: gocache
etag: "7C26ABAC9EC10E8657D8F47403551FD9"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 11835810261704427615
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1698158752461197313.png
oss.pqrst123vip.com/siteadmin/upload/img/ 138 KB
0 2ms
2ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1698158752461197313.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 44a0da0181d730ed0112ebe3c14982e678877a7abc7f1f5c9cdb81b6516f53b7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 6670669DF51E44E33AC970CB
content-md5: J6mjyOxujz6lLBQY4fCM5g==
x-cache-status: HIT
content-disposition: attachment
rid: a4256b5e85ae2066be7dbca035b1b27c
content-length: 140986
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 13 Sep 2023 02:41:02 GMT
server: gocache
etag: "27A9A3C8EC6E8F3EA52C1418E1F08CE6"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 15668246467058927280
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1719510492229898241.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 80 KB
0 3ms
3ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1719510492229898241.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 2f4abcc66b5a48ad54c9017a2730508861519c7221d8d851896a9ced02a80ed2

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 6670669D30CDE347A9C6916A
content-md5: dcXfBjzZ3E6iLLGG94csrA==
x-cache-status: HIT
content-disposition: attachment
rid: 9c2584defb47573b3e707c5fb7d3559d
content-length: 82351
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 01 Nov 2023 00:23:45 GMT
server: gocache
etag: "75C5DF063CD9DC4EA22CB186F7872CAC"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16761674019227337094
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1723221784367685634.jpg
oss.pqrst123vip.com/siteadmin/upload/img/ 164 KB
0 2ms
2ms Image
image/jpeg 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1723221784367685634.jpg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 0f3a49c384d66f7dbd41085fdffca7cf6ee8b1c53951e8541ebe31faf67c1f29

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:39 GMT
x-oss-request-id: 6670669D304E2EE99CCA076C
content-md5: 6WNFA0Fc6tGLkQl9VQvymA==
x-cache-status: HIT
content-disposition: attachment
rid: eb7c15297a3c054e6f27b025dc4d1d9b
content-length: 168243
x-oss-object-type: Normal
c-type: st
last-modified: Sat, 11 Nov 2023 06:11:06 GMT
server: gocache
etag: "E9634503415CEAD18B91097D550BF298"
vary: Origin
content-type: image/jpeg
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 10243654178772794291
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:39 GMT

GET
H2 200 1639603964032897026.png
oss.pqrst123vip.com/siteadmin/upload/img/ 7 KB
0 2ms
2ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1639603964032897026.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 05a501bf1cb58c7cbace657a93d36a1885bb037d59392d5e92d0a26d6008a253

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:40 GMT
x-oss-request-id: 6670669A1AC7F9BA9BCB0F07
content-md5: WnRLeOXyJFTdnNTissIDeg==
x-cache-status: HIT
content-disposition: attachment
rid: f84f74e1fd293f32c08b27a65f39bab2
content-length: 7411
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 13 Sep 2023 02:41:02 GMT
server: gocache
etag: "5A744B78E5F22454DD9CD4E2B2C2037A"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 14938941920938573689
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:40 GMT

GET
H2 200 icon_dt_pmd.png
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/1-0-common/web/home/ 660 B
0 3ms
3ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-common/web/home/icon_dt_pmd.png?manualVersion=1&version=v4.0.350
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 79273aa0fe5c98f6e79c6e58b8dff3c7135f099bc5925830ae0f924ca8da847c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
x-oss-request-id: 66714F1143AE61287DC0C5AE
content-md5: eCod9HORWmGcJWUShuvkQw==
x-cache-status: MISS
content-disposition: attachment
rid: e740cd83c62739bbf46aabfbf4f0e8fa
content-length: 660
x-oss-object-type: Normal
c-type: st
last-modified: Mon, 17 Jun 2024 07:47:18 GMT
server: gocache
etag: "782A1DF473915A619C25651286EBE443"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 14606254484637566941
x-oss-server-time: 3
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H2 200 custom_CNY.png
oss.pqrst123vip.com/game_pictures/p/268/L1/200/3/ 43 KB
43 KB 303ms
301ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/p/268/L1/200/3/custom_CNY.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

dc5dbfd283de05deaa4901670975c8b2d44640b4e22438859ad6716c9d8b9a20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669E43AE61287DC81002
content-md5: +mFwKXviMj6VxzspPh0llQ==
x-cache-status: HIT
content-disposition: attachment
rid: ec6358de33cffcc2fece33720fa46633
content-length: 43921
x-oss-object-type: Normal
c-type: st
last-modified: Thu, 06 Jun 2024 17:00:02 GMT
server: gocache
etag: "FA6170297BE2323E95C73B293E1D2595"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 6377871530546875063
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 custom_CNY.png
oss.pqrst123vip.com/game_pictures/p/268/L1/13/3/ 71 KB
72 KB 309ms
307ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/p/268/L1/13/3/custom_CNY.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

ea9e8565f85f644131f4989bf934805493dcee14ce33d26e4b2655be13bec838

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669E47CBA4D812C96063
content-md5: 4yb2Yj9xnjRA7F6tK5MGcw==
x-cache-status: HIT
content-disposition: attachment
rid: e137c513aebbd9d8918b502254b26a81
content-length: 72782
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 11 Jun 2024 17:47:11 GMT
server: gocache
etag: "E326F6623F719E3440EC5EAD2B930673"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5474098625198900544
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 custom_CNY.png
oss.pqrst123vip.com/game_pictures/p/268/L1/75/3/ 38 KB
38 KB 315ms
313ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/p/268/L1/75/3/custom_CNY.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

aef7a2f55eaef0f6ed25ff8ad6e6ef131a701c42cb2a7577e0b7537641fd154d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669ECD3972AC48D1DDF0
content-md5: eJllwD/VnCW+eSgtGVO6Cg==
x-cache-status: HIT
content-disposition: attachment
rid: bc33cab9656a6ac6be2f0baa2fb73af3
content-length: 38675
x-oss-object-type: Normal
c-type: st
last-modified: Thu, 06 Jun 2024 17:00:02 GMT
server: gocache
etag: "789965C03FD59C25BE79282D1953BA0A"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 12610977519980945597
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 custom_CNY.png
oss.pqrst123vip.com/game_pictures/p/268/L1/3/3/ 57 KB
58 KB 465ms
464ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/p/268/L1/3/3/custom_CNY.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

9c9ac7ae22dcab1d85b709dd46f1c6f2cd4c30f463e46d6a00d88ab65e5e1805

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670739A2FD31717EBD9FB5C
content-md5: OhPUSS19+2avRwn9cKe4Tg==
x-cache-status: HIT
content-disposition: attachment
rid: 114e53c617a02f8acc2dc586426f67fd
content-length: 58321
x-oss-object-type: Normal
c-type: st
last-modified: Thu, 06 Jun 2024 21:00:24 GMT
server: gocache
etag: "3A13D4492D7DFB66AF4709FD70A7B84E"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5265555914368680126
x-oss-server-time: 14
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 custom_CNY.png
oss.pqrst123vip.com/game_pictures/p/268/L1/206/3/ 69 KB
70 KB 470ms
468ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/p/268/L1/206/3/custom_CNY.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

f9ec534b9f5fe9b2e3e05ad55eca8f595c95be8b66254f1689acaf068a8e1f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 667066ABEA47EC12EDC85231
content-md5: oqEC93Diwy12SoXNz+FNoA==
x-cache-status: HIT
content-disposition: attachment
rid: 7cf5935d20e1ee200bfcbdb7f8a5bc03
content-length: 71135
x-oss-object-type: Normal
c-type: st
last-modified: Thu, 06 Jun 2024 21:03:17 GMT
server: gocache
etag: "A2A102F770E2C32D764A85CDCFE14DA0"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 17182345707601973491
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 ipCheck Show response
kses.fq4dwq.com/hall/ 236 B
511 B 417ms
416ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kses.fq4dwq.com:9006/hall/ipCheck?siteCode=268&currency=CNY&language=zh&platformType=5
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: eed68f3f872d19a1da8a6a8e0b53979c67a8d8bcfd605244274ba809c8a7fedf

Request headers

deviceModel: Chrome126.0.0.0
x-version: 4.0.350
devicetype: 3
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
nonce: 776d277c-c9be-42eb-8453-77d7a8ebbaeb
isWgPackage: false
language: zh
accept-language: zh
isSpeedPackae: false
device: 5bcc1b08-cab7-44e0-a440-3adf14200f3f
x-request-id: 776d277c-c9be-42eb-8453-77d7a8ebbaeb
sign: eVYBaRYGQTs0p24Raj+Y8WSmstLR/uBDyPE1yEEyeb6MyVQBGVTXgdotok8EGGoj
sec-ch-ua-platform: "Win32"
isVest: false
currency: CNY
platformType: 5
domain: pevi.r4b5u2t.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id: {"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1718701837727,"version":1718675909000}}
auth: undefined
x-custom-referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept: application/json, text/plain, */*
timestamp: 1718701842
Referer: https://pevi.r4b5u2t.com/
siteCode: 268
newJwt
token
clienttimezone: UTC+2
browserfingerid

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
content-encoding: br
x-env-go-biz-gateway: 0
rid: 6d97bf1df8b7da4d91752fe81eeb5b0d
x-trace-id: 7563f9fe6dd21508
c-type: df
server: gocache
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/json; charset=UTF-8
access-control-max-age: 3600
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
x-server-version: 4.0.0
expires: Thu, 01 Jan 1970 00:00:01 GMT

OPTIONS
H2 200 ipCheck
kses.fq4dwq.com/hall/ 0
0 414ms
414ms Preflight
application/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kses.fq4dwq.com:9006/hall/ipCheck?siteCode=268&currency=CNY&language=zh&platformType=5
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method: GET
Origin: https://pevi.r4b5u2t.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
access-control-allow-methods: *
access-control-allow-origin: *
access-control-max-age: 3600
c-type: df
cache-control: no-cache
content-length: 0
content-type: application/octet-stream
date: Tue, 18 Jun 2024 09:10:42 GMT
expires: Thu, 01 Jan 1970 00:00:01 GMT
rid: cf0de0b9603e6eea29c257bae15414ad
server: gocache

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 305 KB
87 KB 89ms
42ms Script
application/x-javascript 157.240.252.13
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=90b85ae6369661ebad36e82f6def8dbb

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.252.13 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra3.fbcdn.net

Software

Resource Hash

6eab3e177b1e5dffa6a5b131f04a2f29720285bf265b99b769013a715d7d88c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Origin: https://pevi.r4b5u2t.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 18 Jun 2024 09:10:42 GMT
content-md5: 0W4c6RhrDSmYM/JP/GRYXA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 89053
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=40, rtx=0, c=23, mss=1232, tbw=4317, tp=9, tpl=0, uplat=0, ullat=-1
x-fb-debug: yVCpzbValQGN+GbLIAyOWnNU9FS6arlf27ZamWWpOwMCg+92yg7afpjokFc9Drj0tb98R/RndqjbB71xBgu/nw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: e061896d992f4c32537ccec468ee8595
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "2d582a74f5b70fe9bfc1835ff96036e6"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Wed, 18 Jun 2025 07:36:07 GMT

GET
H2 400 auth Show response
conn.webpush.theengagelab.com/v1/ 214 B
342 B 2827ms
524ms Fetch
text/plain 114.119.189.26
HWCLOUDS-AS-AP HU...

General

Check archive.org

Show headers Download Go to

Full URL: https://conn.webpush.theengagelab.com/v1/auth?user_str=undefined&appkey=7bbd705e9924906d7e5f90e7&is_temporary=n
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/libs/webPush@2.1.0/webPushSdk.min.2.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 114.119.189.26 , Singapore, ASN136907 (HWCLOUDS-AS-AP HUAWEI CLOUDS, HK),
Reverse DNS: ecs-114-119-189-26.compute.hwclouds-dns.com
Software: elb /
Resource Hash: 0d1e20f888da5f1b958c77be20c262141612e2c00a8f31d4771864c1fe415388

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://pevi.r4b5u2t.com
date: Tue, 18 Jun 2024 09:10:44 GMT
server: elb
content-length: 214
content-type: text/plain; charset=utf8

GET
BLOB 200
OK a0fdac3a-7eb7-4aae-80f3-5cfdac5bc85b
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/a0fdac3a-7eb7-4aae-80f3-5cfdac5bc85b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81d15d630191b5de68b6ae0ad251e87b78d829bda352b132779013d4059458e1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 6017
Content-Type: image/png

GET
BLOB 200
OK 6661909f-8b70-44de-a4d5-583cc5196b04
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/6661909f-8b70-44de-a4d5-583cc5196b04
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 295a9e994b4a2d3c43b9f1a3f0a88da932388034ad3328c502509b91218dd47f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 5855
Content-Type: image/png

GET
BLOB 200
OK ecb9590a-202f-454c-b2af-08f063a662b9
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/ecb9590a-202f-454c-b2af-08f063a662b9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5472cf138d5773231815c06bb22d7aac785439e79e54af9cd9b6b1697b2c703b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 5966
Content-Type: image/png

GET
BLOB 200
OK 15be3cb7-ce90-4474-9193-0d1b24e8d269
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/15be3cb7-ce90-4474-9193-0d1b24e8d269
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be551cb7bbfd15dbd76c0b7e64d94610001554dc59e0c4f6e1a4642faf2934c9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 6026
Content-Type: image/png

GET
BLOB 200
OK d799f91d-4384-4290-9775-e044724aee5f
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/d799f91d-4384-4290-9775-e044724aee5f
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39e749785478b2d09f1ce2a6e7b2ff262a7bba7dec7090356ee1ed36bdd715b7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 6274
Content-Type: image/png

GET
BLOB 200
OK 98c003be-9a8f-4b08-80c8-3b11a27980e4
https://pevi.r4b5u2t.com/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/98c003be-9a8f-4b08-80c8-3b11a27980e4
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a1d5bf8ec8933449cb840808e756644b585942d4f9abe5a730cbb2ad3cf2ec53

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 6919
Content-Type: image/png

GET
BLOB 200
OK fe66ec87-3fe8-46f3-aa20-aace99c4b0a3
https://pevi.r4b5u2t.com/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/fe66ec87-3fe8-46f3-aa20-aace99c4b0a3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c374dfc8fff9422636e014f5dc8e3c897895586e50953bcac9bf459fbcce583

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 8102
Content-Type: image/png

GET
BLOB 200
OK 4141a0fd-57a2-4070-b57f-73ff44ee0fe0
https://pevi.r4b5u2t.com/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/4141a0fd-57a2-4070-b57f-73ff44ee0fe0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 649fad5986c97fbe863a36ce87b0d91ef51d5401468227d07846493466ed9122

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 9258
Content-Type: image/png

GET
BLOB 200
OK 470a7e4a-cefb-4f81-b4f0-e7b84a9e94d2
https://pevi.r4b5u2t.com/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/470a7e4a-cefb-4f81-b4f0-e7b84a9e94d2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 049f2ba9c67157e955651a020c11ffe1f0c849c1d37358176c2818f6fa4978f1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 9675
Content-Type: image/png

GET
BLOB 200
OK 3b004ea7-87ab-4795-bc6e-9ec9812e42a3
https://pevi.r4b5u2t.com/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/3b004ea7-87ab-4795-bc6e-9ec9812e42a3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 763d957571d01db861f89016ad2804906ab693d466638036d3635d88a0527ed9

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 9676
Content-Type: image/png

GET
BLOB 200
OK 26e0951d-a150-4a7f-a893-292b07ba55bd
https://pevi.r4b5u2t.com/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/26e0951d-a150-4a7f-a893-292b07ba55bd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7237f9405f451c50158eaa30c2dd8c3fc045e1ee7119c10df10589499da0e73c

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 9325
Content-Type: image/png

GET
BLOB 200
OK 4eb79d5b-0c83-46a8-a509-906c755c7062
https://pevi.r4b5u2t.com/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/4eb79d5b-0c83-46a8-a509-906c755c7062
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7c53992a90fa9cd3658ab3daf91b06e48fc6279ade5d12bfb29a7d664ddd6ce

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 9010
Content-Type: image/png

GET
BLOB 200
OK a3693102-4fd6-4986-9bca-1015edcd12c3
https://pevi.r4b5u2t.com/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/a3693102-4fd6-4986-9bca-1015edcd12c3
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aaaf6fa47ae0336ffd96870714c41e705188d241977ff4b52ceeeec303e5437f

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 8799
Content-Type: image/png

GET
BLOB 200
OK e4efa94a-785e-4335-ae96-36697ee41ccf
https://pevi.r4b5u2t.com/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/e4efa94a-785e-4335-ae96-36697ee41ccf
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be2dc5a10722af400281a91bbd19cf764e5fa6f0b36123cac1f0154e7666ea9b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 9015
Content-Type: image/png

GET
BLOB 200
OK cb7980df-20d7-4377-85a8-99df681011f6
https://pevi.r4b5u2t.com/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/cb7980df-20d7-4377-85a8-99df681011f6
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0397d3701dcab66d32d6c0b549f2ecce8348b949b5a2f9a8e9e4fbe36e260b10

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 8902
Content-Type: image/png

GET
BLOB 200
OK 3ff9c960-1d33-4b27-add9-0852ee480fb7
https://pevi.r4b5u2t.com/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/3ff9c960-1d33-4b27-add9-0852ee480fb7
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c44e33c8fd6809fad75db9c54d49fe842883126f52a986d8ebd2b3cc00145a37

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 8726
Content-Type: image/png

GET
BLOB 200
OK de21afd0-4d21-48ee-b029-a7c0d427d84e
https://pevi.r4b5u2t.com/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/de21afd0-4d21-48ee-b029-a7c0d427d84e
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3594c39fb1deb95e26a2ba2b191354c0397d9296d86e4981ae181c611c5b6eac

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 8263
Content-Type: image/png

GET
BLOB 200
OK 93b05265-e639-476e-9fb8-be12d3fce76d
https://pevi.r4b5u2t.com/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/93b05265-e639-476e-9fb8-be12d3fce76d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbd394b2c45fa9826bae43b22f9760143f89d084496fd554e2630df1c81cabf2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 8018
Content-Type: image/png

GET
BLOB 200
OK f27107b6-058b-435a-89aa-ea2c2254a3f2
https://pevi.r4b5u2t.com/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/f27107b6-058b-435a-89aa-ea2c2254a3f2
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 537a5dd43bdccf7aa4460fbce27fdbfc036b97107f3257d5075abf2f69a43182

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 7787
Content-Type: image/png

GET
BLOB 200
OK 92ec8fad-f73e-4e29-8b0d-06df388fd9fd
https://pevi.r4b5u2t.com/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/92ec8fad-f73e-4e29-8b0d-06df388fd9fd
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ea553a33d4ab64c01783be3126c5f40059d6644f2ae43b1cc55c87e1a0b657a

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 7447
Content-Type: image/png

GET
BLOB 200
OK 6891dbae-85e9-4086-9977-5467928458b0
https://pevi.r4b5u2t.com/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/6891dbae-85e9-4086-9977-5467928458b0
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c7c3891db2a9a1ca2edc6fba24444ac74481bb3a73d7fe1859249364f641430

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 7156
Content-Type: image/png

GET
BLOB 200
OK a7de27e8-3d81-46d7-8305-0029cde0b2f8
https://pevi.r4b5u2t.com/ 7 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/a7de27e8-3d81-46d7-8305-0029cde0b2f8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3ee53a1f476f10915f5b1b3453671428d2a99de0d0c09ad5540e352cf5a8767

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 6885
Content-Type: image/png

GET
BLOB 200
OK 510fbaed-93ff-4d1a-b898-c2ecb07dee98
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/510fbaed-93ff-4d1a-b898-c2ecb07dee98
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9078e9326558644ecca6323f55b128355bd3363c9bab2aa504d18be4aac0ec73

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 6616
Content-Type: image/png

GET
BLOB 200
OK 0fdc4b59-0404-4224-abb1-724e6fd2c7f8
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/0fdc4b59-0404-4224-abb1-724e6fd2c7f8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c9c1f2f199b1bde8ce714fc6a41606464af97c669dbcdf1a116c025a11b185c7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 6206
Content-Type: image/png

GET
BLOB 200
OK 99c11e01-04e2-4493-a5ae-b2f8120dd4ce
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/99c11e01-04e2-4493-a5ae-b2f8120dd4ce
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e1738d39b4613f2625b5ef1ae833165a1ee679afe335f9d80b648f9f76b65a2

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 6171
Content-Type: image/png

GET
BLOB 200
OK 96188568-f695-40be-a181-d0a83669e04b
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/96188568-f695-40be-a181-d0a83669e04b
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0ad1ba254acba655cefb68afc41d32a785b4630709eda68d58eb7fa67ca85ac5

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 6051
Content-Type: image/png

GET
BLOB 200
OK f7148a87-6e97-46bc-aa41-b1508ce78f05
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/f7148a87-6e97-46bc-aa41-b1508ce78f05
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05c3f7b93b48f7ccc93c792c6d88e9bfdb294bce7f27f22a711ac69de3217fb4

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 6009
Content-Type: image/png

GET
BLOB 200
OK 719ec2b3-f3ba-4de2-8707-f68827e03355
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/719ec2b3-f3ba-4de2-8707-f68827e03355
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf4c65ee5b55716937208daf4147d488862e651b9381929e1d961a65bc1f8701

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 5810
Content-Type: image/png

GET
BLOB 200
OK bf9d80a7-0a78-43f3-a347-0ef6a1905409
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/bf9d80a7-0a78-43f3-a347-0ef6a1905409
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 465e3df159eeac9c1ea4c55e479f1a3d81015fa4395c2793488ade1534dac191

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 5792
Content-Type: image/png

GET
BLOB 200
OK 0b231c02-2e72-411d-8184-559a014ae392
https://pevi.r4b5u2t.com/ 6 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://pevi.r4b5u2t.com/0b231c02-2e72-411d-8184-559a014ae392
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dcdb299c486d19e2580b3c6c88891420e6541d642de1a945f638ded4615d05d1

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Length: 5822
Content-Type: image/png

GET
H2 200 loader_v3.8.1.js Show response
fpnpmcdn.net/v3/cIMrDd2qJKZFByajXD7O/ 496 B
1014 B 140ms
39ms Script
text/javascript 18.245.31.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/cIMrDd2qJKZFByajXD7O/loader_v3.8.1.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/8325.672ba7471721aec62ba0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.44 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-44.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

3c6e87d91913ef1bdf80ef25f55e2d1a84661e5613029f5b608005591ebff569

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
date: Fri, 14 Jun 2024 09:08:35 GMT
x-content-type-options: nosniff
via: 1.1 77aeedb4b2272623c3e7c852eafc4998.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
age: 345727
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 496
server: CloudFront
etag: "dFzXjqUN7+MWD1KjgdZmSJlXDUI"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3741, s-maxage=607087
timing-allow-origin: *
x-amz-cf-id: CEmPZD4YQ9uRWmQfFZJdoDJvoqWH24ifLFZFImX1QLdWI-pyOEVW3Q==

GET
H2 200 9170.76e3acd9db1a609deafb.css
pevi.r4b5u2t.com/assets/ 8 KB
0 389ms
389ms Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/9170.76e3acd9db1a609deafb.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

ca8fe80de3707a26a3df96efe0a05455fa3fb681a882860bd7eb480902cf7b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F12F397E2383300A825
content-md5: bD3PASf8WTIJ7gL7D79Ofw==
x-cache-status: MISS
rid: 2afe546aa1ba42196d8b1350b549dede
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 12764340405751291075
x-oss-server-time: 16

GET
H2 200 9170.7879d5ee4941a2799a22.js Show response
pevi.r4b5u2t.com/assets/ 13 KB
0 396ms
396ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/9170.7879d5ee4941a2799a22.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

9d98e87b3f773786c524f3c5b61d5bdc45e4c788aa4f19e466ae9b52704f3208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F122BFAC73530098990
content-md5: qk1qy/kqUDX4n1iHjGL86g==
x-cache-status: MISS
rid: f105ffa196b1bccd01a25a99e142268e
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"AA4D6ACBF92A5035F89F58878C62FCEA"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 8485168326854725617
x-oss-server-time: 17

GET
H2 200 custom_CNY.png
oss.pqrst123vip.com/game_pictures/p/268/CL/hot/200/3/ 16 KB
16 KB 307ms
306ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/p/268/CL/hot/200/3/custom_CNY.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

1155ff3e34ec2a662653a9e6b1275ccee7e4e9f02abd673aa55ccad4fce14745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669E5A334FE30EC7A2B8
content-md5: wdcTak9gNIgEWAjfSt7+aQ==
x-cache-status: HIT
content-disposition: attachment
rid: a16d1bb543815adabbb2b93f8cb3e93a
content-length: 15971
x-oss-object-type: Normal
c-type: st
last-modified: Thu, 06 Jun 2024 17:00:01 GMT
server: gocache
etag: "C1D7136A4F603488045808DF4ADEFE69"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 7172501820791508740
x-oss-server-time: 5
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000065/ 59 KB
60 KB 306ms
304ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000065/default.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

65793f0fdcbe8bfdf69b1624788f69d2e9e761bd7be6d9cdcadcd222fd312795

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F85643AE61287D5B1962
content-md5: FjVYy6mxXO7IuwtI4xwhyA==
x-cache-status: HIT
content-disposition: attachment
rid: f494416ceb874f9e5742755789c23cfb
content-length: 60860
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "163558CBA9B15CEEC8BB0B48E31C21C8"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 14776356437702791139
x-oss-server-time: 74
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 img_game_tj_1.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/common/common/home/ 448 B
989 B 316ms
314ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/common/common/home/img_game_tj_1.webp?manualVersion=1&version=41d0eb5455

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

fa208c245c38d5f9e1d7ee6422506944cf9e0d87a9af78983f0f5a8643bad272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F856FA4CB66D775C58A1
content-md5: CfodlCM6N5HEqK5O+JfORQ==
x-cache-status: HIT
content-disposition: attachment
rid: af17b88930e4a2bea1543ffafeacd8b1
content-length: 448
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 18 Jun 2024 02:55:27 GMT
server: gocache
etag: "09FA1D94233A3791C4A8AE4EF897CE45"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 10714511286290182452
x-oss-server-time: 3
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 btn_sc_off_2.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/common/web/home/ 320 B
860 B 317ms
315ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/common/web/home/btn_sc_off_2.webp?manualVersion=1&version=abfbb0d8b0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

f6b867ccd9e2f07f6b63eeebfec8dea030de76d2bfbc8df28f2ae3be87ba98a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F856B227D44BDE60CE4C
content-md5: nn5Le4nBIuuVAu2kDn/0Kg==
x-cache-status: HIT
content-disposition: attachment
rid: f98468d6d7795ec3d82a11086f52283c
content-length: 320
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 18 Jun 2024 02:56:23 GMT
server: gocache
etag: "9E7E4B7B89C122EB9502EDA40E7FF42A"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5900798616740208116
x-oss-server-time: 3
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000074/ 73 KB
73 KB 318ms
317ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000074/default.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

001004c7e96d62e5af6d5fab37e52e1a8e1164eb5fcd16e67150615f306c713e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F856CC39EA8F6E601F05
content-md5: RbmEiFCWph/3JQb2+BrRkw==
x-cache-status: HIT
content-disposition: attachment
rid: 5733d85ba090ff31c9a5e92af15690c0
content-length: 74465
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "45B984885096A61FF72506F6F81AD193"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 2941041406325763778
x-oss-server-time: 30
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000084/ 72 KB
72 KB 355ms
354ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000084/default.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

22ee64671fb4f555d1c4494fc4195b72262e592c2740275e956fd76101c8e6a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F856A1B449098D57CB58
content-md5: z+Q4+ySpvhaukPhrn+lyJg==
x-cache-status: HIT
content-disposition: attachment
rid: 0c8398bf7a729695c8209494c7db1da9
content-length: 73277
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "CFE438FB24A9BE16AE90F86B9FE97226"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 4269195379447591906
x-oss-server-time: 35
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000135/ 69 KB
69 KB 427ms
426ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000135/default.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

b1f31a6b2ab2ff1da1ca3970728d58c5b657f331c168d7a067e837f2c71e5729

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F8561AC7F9BA9B5E4EE9
content-md5: Pm8hJwAqEANUoZQn29PXlA==
x-cache-status: HIT
content-disposition: attachment
rid: e6b33a8a52d1af45219f21bc53fd838a
content-length: 70345
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 04 Jun 2024 07:10:51 GMT
server: gocache
etag: "3E6F2127002A100354A19427DBD3D794"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16475463300645381828
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000054/ 63 KB
64 KB 435ms
426ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000054/default.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

101f1a2a0d52c7b6839059d5d249b0a4397d0165a53711e76358b7850481d972

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F856EA47EC12ED5B593C
content-md5: 8e/Up6Gw/4ziEhL7ITb9Pg==
x-cache-status: HIT
content-disposition: attachment
rid: a975c400f94eecf9673c4349e6756a3d
content-length: 64945
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "F1EFD4A7A1B0FF8CE21212FB2136FD3E"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 14107272835557793618
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000087/ 76 KB
76 KB 441ms
436ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000087/default.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

97d9f60a8d889c9f037bd0fda882f76bd316aa4a9b53918457d5ebab43a02394

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F856B227D44BDE60CE4B
content-md5: YbIgh/VxVqC/k8xrdX5AjA==
x-cache-status: HIT
content-disposition: attachment
rid: e39ff27ac8d7ff995c3aa3d477fbe29b
content-length: 77638
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "61B22087F57156A0BF93CC6B757E408C"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 10895355113399610780
x-oss-server-time: 3
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000106/ 70 KB
71 KB 543ms
537ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000106/default.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

d190078f5c6e5eb9f4963acf1b5d7109921fe1af31b3fb1d819ddd08c3ee1555

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F8565943073251636E8B
content-md5: lc862IaA1H/y4X/+0JoGlg==
x-cache-status: HIT
content-disposition: attachment
rid: 1b14cac0c6911f29ac1330e3d490d278
content-length: 71834
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "95CF3AD88680D47FF2E17FFED09A0696"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 11447191984221404055
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000127/ 66 KB
67 KB 547ms
542ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000127/default.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

2317f98c4b5bbd6739e0f86242e095da9d44a29c974a13adffe06dea9321aeaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F8569A4636ED715B912F
content-md5: ik19PuBh/cLWxrekEV2VoQ==
x-cache-status: HIT
content-disposition: attachment
rid: 20b00e27c31eda7f54b5489fb93719c1
content-length: 67826
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 04 Jun 2024 07:10:51 GMT
server: gocache
etag: "8A4D7D3EE061FDC2D6C6B7A4115D95A1"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5906490499100783196
x-oss-server-time: 55
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 custom_CNY.png
oss.pqrst123vip.com/game_pictures/p/268/CL/hot/200/3/ 16 KB
0 0ms
0ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/game_pictures/p/268/CL/hot/200/3/custom_CNY.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 1155ff3e34ec2a662653a9e6b1275ccee7e4e9f02abd673aa55ccad4fce14745

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
x-oss-request-id: 6670669E5A334FE30EC7A2B8
content-md5: wdcTak9gNIgEWAjfSt7+aQ==
x-cache-status: HIT
content-disposition: attachment
rid: a16d1bb543815adabbb2b93f8cb3e93a
content-length: 15971
x-oss-object-type: Normal
c-type: st
last-modified: Thu, 06 Jun 2024 17:00:01 GMT
server: gocache
etag: "C1D7136A4F603488045808DF4ADEFE69"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 7172501820791508740
x-oss-server-time: 5
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000065/ 59 KB
0 2ms
2ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000065/default.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 65793f0fdcbe8bfdf69b1624788f69d2e9e761bd7be6d9cdcadcd222fd312795

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
x-oss-request-id: 6670F85643AE61287D5B1962
content-md5: FjVYy6mxXO7IuwtI4xwhyA==
x-cache-status: HIT
content-disposition: attachment
rid: f494416ceb874f9e5742755789c23cfb
content-length: 60860
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "163558CBA9B15CEEC8BB0B48E31C21C8"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 14776356437702791139
x-oss-server-time: 74
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 img_game_tj_1.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/common/common/home/ 448 B
0 1ms
1ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/common/common/home/img_game_tj_1.webp?manualVersion=1&version=41d0eb5455
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: fa208c245c38d5f9e1d7ee6422506944cf9e0d87a9af78983f0f5a8643bad272

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
x-oss-request-id: 6670F856FA4CB66D775C58A1
content-md5: CfodlCM6N5HEqK5O+JfORQ==
x-cache-status: HIT
content-disposition: attachment
rid: af17b88930e4a2bea1543ffafeacd8b1
content-length: 448
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 18 Jun 2024 02:55:27 GMT
server: gocache
etag: "09FA1D94233A3791C4A8AE4EF897CE45"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 10714511286290182452
x-oss-server-time: 3
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 btn_sc_off_2.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/common/web/home/ 320 B
0 10ms
10ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/common/web/home/btn_sc_off_2.webp?manualVersion=1&version=abfbb0d8b0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: f6b867ccd9e2f07f6b63eeebfec8dea030de76d2bfbc8df28f2ae3be87ba98a9

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
x-oss-request-id: 6670F856B227D44BDE60CE4C
content-md5: nn5Le4nBIuuVAu2kDn/0Kg==
x-cache-status: HIT
content-disposition: attachment
rid: f98468d6d7795ec3d82a11086f52283c
content-length: 320
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 18 Jun 2024 02:56:23 GMT
server: gocache
etag: "9E7E4B7B89C122EB9502EDA40E7FF42A"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5900798616740208116
x-oss-server-time: 3
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000074/ 73 KB
0 0ms
0ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000074/default.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 001004c7e96d62e5af6d5fab37e52e1a8e1164eb5fcd16e67150615f306c713e

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
x-oss-request-id: 6670F856CC39EA8F6E601F05
content-md5: RbmEiFCWph/3JQb2+BrRkw==
x-cache-status: HIT
content-disposition: attachment
rid: 5733d85ba090ff31c9a5e92af15690c0
content-length: 74465
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "45B984885096A61FF72506F6F81AD193"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 2941041406325763778
x-oss-server-time: 30
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000084/ 72 KB
0 1ms
0ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000084/default.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 22ee64671fb4f555d1c4494fc4195b72262e592c2740275e956fd76101c8e6a7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
x-oss-request-id: 6670F856A1B449098D57CB58
content-md5: z+Q4+ySpvhaukPhrn+lyJg==
x-cache-status: HIT
content-disposition: attachment
rid: 0c8398bf7a729695c8209494c7db1da9
content-length: 73277
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "CFE438FB24A9BE16AE90F86B9FE97226"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 4269195379447591906
x-oss-server-time: 35
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 1014.c91479027af1a39ff805.css
pevi.r4b5u2t.com/assets/ 68 KB
0 395ms
395ms Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/1014.c91479027af1a39ff805.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

1c8223c50eaa71654a61d36c36770bdc1facc41b9095360b620f90a4dc7dd0e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F132BFAC73530BB9090
content-md5: JTajUtDIm/PPupwR7gKeAg==
x-cache-status: MISS
rid: 184b1acb2b983d143e201715cc95cec9
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 10109345155772341872
x-oss-server-time: 12

GET
H2 200 1014.5020be14f1c55a24b5e7.js Show response
pevi.r4b5u2t.com/assets/ 100 KB
0 498ms
498ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/1014.5020be14f1c55a24b5e7.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

0a5573f72522d7018a917c4489f6bfcf2d06111c2ff62dded828e2f016445935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F13F397E238335CB025
content-md5: oHjzl61DwtowUx73a22Jkw==
x-cache-status: MISS
rid: 13a0259b4d7e9025a9af1719dfb42b97
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"A078F397AD43C2DA30531EF76B6D8993"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 2965340256998334498
x-oss-server-time: 25

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000135/ 69 KB
0 1ms
1ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000135/default.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: b1f31a6b2ab2ff1da1ca3970728d58c5b657f331c168d7a067e837f2c71e5729

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
x-oss-request-id: 6670F8561AC7F9BA9B5E4EE9
content-md5: Pm8hJwAqEANUoZQn29PXlA==
x-cache-status: HIT
content-disposition: attachment
rid: e6b33a8a52d1af45219f21bc53fd838a
content-length: 70345
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 04 Jun 2024 07:10:51 GMT
server: gocache
etag: "3E6F2127002A100354A19427DBD3D794"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16475463300645381828
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000054/ 63 KB
0 15ms
15ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000054/default.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 101f1a2a0d52c7b6839059d5d249b0a4397d0165a53711e76358b7850481d972

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
x-oss-request-id: 6670F856EA47EC12ED5B593C
content-md5: 8e/Up6Gw/4ziEhL7ITb9Pg==
x-cache-status: HIT
content-disposition: attachment
rid: a975c400f94eecf9673c4349e6756a3d
content-length: 64945
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "F1EFD4A7A1B0FF8CE21212FB2136FD3E"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 14107272835557793618
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000087/ 76 KB
0 0ms
0ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000087/default.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 97d9f60a8d889c9f037bd0fda882f76bd316aa4a9b53918457d5ebab43a02394

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
x-oss-request-id: 6670F856B227D44BDE60CE4B
content-md5: YbIgh/VxVqC/k8xrdX5AjA==
x-cache-status: HIT
content-disposition: attachment
rid: e39ff27ac8d7ff995c3aa3d477fbe29b
content-length: 77638
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "61B22087F57156A0BF93CC6B757E408C"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 10895355113399610780
x-oss-server-time: 3
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000106/ 70 KB
0 1ms
0ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000106/default.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: d190078f5c6e5eb9f4963acf1b5d7109921fe1af31b3fb1d819ddd08c3ee1555

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
x-oss-request-id: 6670F8565943073251636E8B
content-md5: lc862IaA1H/y4X/+0JoGlg==
x-cache-status: HIT
content-disposition: attachment
rid: 1b14cac0c6911f29ac1330e3d490d278
content-length: 71834
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 09 Jun 2024 14:05:55 GMT
server: gocache
etag: "95CF3AD88680D47FF2E17FFED09A0696"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 11447191984221404055
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 default.png
oss.pqrst123vip.com/game_pictures/g/CL/200/3/2000127/ 66 KB
0 1ms
0ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/game_pictures/g/CL/200/3/2000127/default.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 2317f98c4b5bbd6739e0f86242e095da9d44a29c974a13adffe06dea9321aeaf

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
x-oss-request-id: 6670F8569A4636ED715B912F
content-md5: ik19PuBh/cLWxrekEV2VoQ==
x-cache-status: HIT
content-disposition: attachment
rid: 20b00e27c31eda7f54b5489fb93719c1
content-length: 67826
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 04 Jun 2024 07:10:51 GMT
server: gocache
etag: "8A4D7D3EE061FDC2D6C6B7A4115D95A1"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 5906490499100783196
x-oss-server-time: 55
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 5.json Show response
oss.pqrst123vip.com/hall/system/status/currency/CNY/language/zh/osType/4/platformType/ 17 KB
568 B 475ms
297ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/system/status/currency/CNY/language/zh/osType/4/platformType/5.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

ed1a79f3111823e06fe09482a684c250fee3172621779b83d25d86853ea3ae71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
x-oss-request-id: 66714F1347CBA4D812C22AEE
content-md5: B4wGy6yso2pas+6Pr079Hg==
content-type: application/json
content-disposition: attachment
rid: 60481604f77b9ed44be3d1ca0a3a04a2
x-oss-object-type: Normal
c-type: df
last-modified: Thu, 13 Jun 2024 19:18:30 GMT
server: gocache
access-control-max-age: 200
vary: Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
x-oss-ec: 0048-00000110
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 3112848118762159138
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 gt.js Show response
pevi.r4b5u2t.com/libs/gt@5/ 5 KB
0 473ms
473ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/libs/gt@5/gt.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

c54e8eef343ddf228ab711c9f924df5197906aa4c3a7a856cf59017da10d2472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F13F397E238332AB825
content-md5: seGtbRmWkcsA5RP74x0t+Q==
x-cache-status: MISS
rid: 93651f7d074b52f334679620eefa8f62
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"B1E1AD6D199691CB00E513FBE31D2DF9"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 2145963118752755642
x-oss-server-time: 15

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/home/smsCountry/currency/CNY/language/ 856 B
1 KB 418ms
286ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/home/smsCountry/currency/CNY/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

6009c420ad1516f9ccd8e681e176345218c6deda0f10fe5f09140d540a574aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F13522E162793C26DD4
content-md5: 60AhqwNzlXSjdwy+ndoNRQ==
content-disposition: attachment
rid: 6cbf98fa5a7f0110cb024e3ad676efff
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 10 Jun 2024 10:08:00 GMT
server: gocache
etag: W/"EB4021AB03739574A3770CBE9DDA0D45"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 14999023887012174826
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 default.json Show response
oss.pqrst123vip.com/hall/activetask/newcomer_benefit_reward/ 108 B
741 B 394ms
375ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/activetask/newcomer_benefit_reward/default.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

3b637749cc9fa68e133eba96d2897a17224502ebcd23c6efadf63818118168b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F14A251FD3AC5C0BFD2
content-md5: arsO0YFzkRExWtVPWcSB2w==
content-disposition: attachment
rid: 71369a014a1aa77463429f54de4228d5
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 10 Jun 2024 10:08:00 GMT
server: gocache
etag: W/"6ABB0ED181739111315AD54F59C481DB"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 11574325183808827953
x-oss-server-time: 1
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
DATA 200
OK truncated
/ 413 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b4877375a7af765e2fa097e240b7051b28ca8133929ee7d44c49fedb8231591

Request headers

Referer
Origin: https://pevi.r4b5u2t.com
Accept-Language: de-DE,de;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 1639603964032897026.png
oss.pqrst123vip.com/siteadmin/upload/img/ 7 KB
0 0ms
0ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1639603964032897026.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 05a501bf1cb58c7cbace657a93d36a1885bb037d59392d5e92d0a26d6008a253

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:40 GMT
x-oss-request-id: 6670669A1AC7F9BA9BCB0F07
content-md5: WnRLeOXyJFTdnNTissIDeg==
x-cache-status: HIT
content-disposition: attachment
rid: f84f74e1fd293f32c08b27a65f39bab2
content-length: 7411
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 13 Sep 2023 02:41:02 GMT
server: gocache
etag: "5A744B78E5F22454DD9CD4E2B2C2037A"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 14938941920938573689
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:40 GMT

GET
H2 200 js-sdk-pro.min.js Show response
sdk.51.la/ 34 KB
13 KB 217ms
45ms Script
application/javascript 163.181.92.245
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.51.la/js-sdk-pro.min.js
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 163.181.92.245 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 10:47:44 GMT
content-encoding: gzip
via: cache15.l2de2[0,0,200-0,H], cache4.l2de2[0,0], ens-cache12.de5[0,0,200-0,H], ens-cache3.de5[1,0]
x-oss-request-id: 66682B509935E33535E5E12A
content-md5: JLtSDpUX8u0+2Ye0aur3Iw==
age: 598980
x-swift-cachetime: 764453
x-cache: HIT TCP_MEM_HIT dirn:-2:-2
x-oss-cdn-auth: success
x-swift-savetime: Mon, 17 Jun 2024 14:26:51 GMT
content-length: 12846
x-oss-object-type: Normal
last-modified: Thu, 08 Jun 2023 02:24:34 GMT
server: Tengine
vary: Accept-Encoding
ali-swift-global-savetime: 1718102864
content-type: application/javascript
access-control-allow-origin: *
x-oss-storage-class: Standard
timing-allow-origin: *
x-oss-hash-crc64ecma: 5143829838470429443
eagleid: a3b55c9717187018444684691e
x-oss-server-time: 4

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/activetask/pop_newcomerBenefit/currency/CNY/language/ 236 B
841 B 386ms
384ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/activetask/pop_newcomerBenefit/currency/CNY/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

819bfc79bae17b6857d3d667c5c8ed2a9201e296abf89f43f3f0a023136b579c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F14522E162793C26E9C
content-md5: KQ4Clicsn9vqWL/WLM4mxg==
content-disposition: attachment
rid: de351d18a971564d6b8381e0860d23dd
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 10 Jun 2024 10:08:00 GMT
server: gocache
etag: W/"290E0296272C9FDBEA58BFD62CCE26C6"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 16871387480223798361
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/activetask/pop_taskDay/currency/CNY/language/ 576 B
1 KB 384ms
381ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/activetask/pop_taskDay/currency/CNY/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

c59929cb3485251d0c6c1e84bbbbd73da5fcd032053a3f675981c48322a060fb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F1447CBA4D812C22BC9
content-md5: C5AyxOJR4j0/O9gEU/X4mQ==
content-disposition: attachment
rid: 4e147b13be4acb21a8bdc9cbe4272dd2
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 10 Jun 2024 10:08:00 GMT
server: gocache
etag: W/"0B9032C4E251E23D3F3BD80453F5F899"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 7804356290411917176
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/activetask/pop_taskWeek/currency/CNY/language/ 192 B
803 B 377ms
375ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/activetask/pop_taskWeek/currency/CNY/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

aee3796d488ffb97f8f257f505f6463424ecafa60478e6c5491cdcfae52732a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F14B227D44BDEC6A432
content-md5: 7FnPC6iuq1H7eNbAhAe7Xw==
content-disposition: attachment
rid: fb7e9f3e95ad69672886ef47382d57cc
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 10 Jun 2024 10:08:00 GMT
server: gocache
etag: W/"EC59CF0BA8AEAB51FB78D6C08407BB5F"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 2950608973838233385
x-oss-server-time: 1
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/activetask/pop_taskThreeDay/currency/CNY/language/ 172 B
790 B 381ms
379ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/activetask/pop_taskThreeDay/currency/CNY/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

a8d234a26679c107e349261dbc81ce1954d19ff4e7de990717d665d804fac5c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F1499D9D610B8C24B62
content-md5: xvuhSb4YaHKtlhrlMQKHGA==
content-disposition: attachment
rid: bc2019101f17a54186cdb1e952ba89ac
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 17 Jun 2024 16:23:01 GMT
server: gocache
etag: W/"C6FBA149BE186872AD961AE531028718"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 13347922308306269253
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/customer/staffallv3/currency/CNY/language/ 6 KB
5 KB 378ms
377ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/customer/staffallv3/currency/CNY/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

e33948a576ba37bcb8d44cb5954847ce993d658fb78eea6e09a2d180f7f5d36c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:44 GMT
content-encoding: gzip
x-oss-request-id: 66714F1447CBA4D812C22BC8
content-md5: So876GGvOz3fs0POjtaEcw==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: 3f0bde17ed3596b5d9cb571243097657
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 10 Jun 2024 10:08:00 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 1147045102005422666
x-oss-server-time: 2
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 CNY.json Show response
oss.pqrst123vip.com/hall/message/popupcfg/currency/ 64 B
702 B 377ms
376ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/message/popupcfg/currency/CNY.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

7606695e193fe5040aaa22261808c2775cc30ac17452e1e48b45cd219cf2ee22

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: br
x-oss-request-id: 66714F14B227D44BDEC6A433
content-md5: qBKzUVhJRwEjRZ8FC43hmA==
content-disposition: attachment
rid: 263c72d7a76f08971f71cfb82f82aaa0
x-oss-object-type: Normal
c-type: df
last-modified: Mon, 10 Jun 2024 10:08:00 GMT
server: gocache
etag: W/"A812B3515849470123459F050B8DE198"
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 11162463750143046554
x-oss-server-time: 1
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 200
OK domain Show response
hss.dfg123vip.com/hall/promote/pointer/ 49 B
681 B 428ms
407ms XHR
application/json 138.113.211.72
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.dfg123vip.com/hall/promote/pointer/domain
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: 8340d39f84b88a9db8757a9a46884da9eb8a807f0f0cd1f76811e82d994c4a16

Request headers

deviceModel: Chrome126.0.0.0
x-version: 4.0.350
devicetype: 3
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
nonce: c56584bf-3cfe-47bf-bb2a-d65570053784
isWgPackage: false
language: zh
accept-language: zh
isSpeedPackae: false
device: 5bcc1b08-cab7-44e0-a440-3adf14200f3f
x-request-id: c56584bf-3cfe-47bf-bb2a-d65570053784
sign: 34px8ffIUaFKMlRr2L9CBFy56U2ZQ6f9FIUNLZ8AuJsa6mskhlodr4mSZrLJRVf3
sec-ch-ua-platform: "Win32"
isVest: false
currency: CNY
platformType: 5
domain: pevi.r4b5u2t.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id: {"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1718701837727,"version":1718675909000}}
auth: undefined
Content-Type: application/json
x-custom-referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept: application/json, text/plain, */*
timestamp: 1718701844
Referer: https://pevi.r4b5u2t.com/
siteCode: 268
newJwt
token: b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone: UTC+2
browserfingerid

Response headers

Date: Tue, 18 Jun 2024 09:10:45 GMT
Via: 1.1 ianxun22:6 (W), 1.1 PS-AMS-01QkJ103:9 (W)
X-Env-Go-Biz-Gateway: 0
Api-Cache: false
X-Env-Go-Biz-Agent-Server: 0
X-Px: ms PS-AMS-01QkJ103AMS,ms ianxun22HKG(origin)
Connection: keep-alive
X-SafeLine-Ray: f7b45368e6e7bfe5-ONE
Content-Length: 49
X-Trace-Id: 55d58ee358eb9aea
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: *
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-Ws-Request-Id: 66714f14_PS-AMS-01QkJ103_28125-39134
X-Server-Version: 4.0.0

OPTIONS
H/1.1 200
OK domain
hss.dfg123vip.com/hall/promote/pointer/ 0
0 352ms
343ms Preflight
application/octet-stream 138.113.211.72
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.dfg123vip.com/hall/promote/pointer/domain
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auth,browserfingerid,clienttimezone,content-type,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method: POST
Origin: https://pevi.r4b5u2t.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: auth,browserfingerid,clienttimezone,content-type,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Tue, 18 Jun 2024 09:10:44 GMT
Via: 1.1 ianxun22:6 (W), 1.1 PS-AMS-01QkJ103:9 (W)
X-Px: ms PS-AMS-01QkJ103AMS,ms ianxun22HKG(origin)
X-SafeLine-Ray: f7b45368e6e7bfe5-ONE
X-Ws-Request-Id: 66714f14_PS-AMS-01QkJ103_28125-39130

OPTIONS
H/1.1 200
OK getDownloadUrl
hss.dfg123vip.com/hall/download/ 0
0 672ms
523ms Preflight
application/octet-stream 138.113.211.72
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.dfg123vip.com/hall/download/getDownloadUrl?siteCode=268&token=b2e3d672-9d88-47a7-81b4-9d7ffc62054f&currency=CNY&language=zh&platformType=5
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method: GET
Origin: https://pevi.r4b5u2t.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Tue, 18 Jun 2024 09:10:45 GMT
Via: 1.1 ianxun22:6 (W), 1.1 PS-AMS-01QkJ103:9 (W)
X-Px: ms PS-AMS-01QkJ103AMS,ms ianxun22HKG(origin)
X-SafeLine-Ray: f7b45368e6e7bfe5-ONE
X-Ws-Request-Id: 66714f14_PS-AMS-01QkJ103_27830-41224

GET
H/1.1 200
OK getDownloadUrl Show response
hss.dfg123vip.com/hall/download/ 2 KB
2 KB 453ms
432ms XHR
application/json 138.113.211.72
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.dfg123vip.com/hall/download/getDownloadUrl?siteCode=268&token=b2e3d672-9d88-47a7-81b4-9d7ffc62054f&currency=CNY&language=zh&platformType=5
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: 5549b0e022db34edbb5059d649cb29500b3e5d6f9c9529e65648e0dc767f5bc8

Request headers

deviceModel: Chrome126.0.0.0
x-version: 4.0.350
devicetype: 3
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
nonce: 8a9c07bc-d9b1-4872-945b-81240f24d9ed
isWgPackage: false
language: zh
accept-language: zh
isSpeedPackae: false
device: 5bcc1b08-cab7-44e0-a440-3adf14200f3f
x-request-id: 8a9c07bc-d9b1-4872-945b-81240f24d9ed
sign: oCjZNmjclR31pLur5JMLQZreNTxoyMpOX88ld4CXRYSFdO7L/LzF/Dp4XYw50AXO
sec-ch-ua-platform: "Win32"
isVest: false
currency: CNY
platformType: 5
domain: pevi.r4b5u2t.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id: {"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1718701837727,"version":1718675909000}}
auth: undefined
x-custom-referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept: application/json, text/plain, */*
timestamp: 1718701844
Referer: https://pevi.r4b5u2t.com/
siteCode: 268
newJwt
token: b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone: UTC+2
browserfingerid

Response headers

Date: Tue, 18 Jun 2024 09:10:45 GMT
Via: 1.1 ianxun22:6 (W), 1.1 PS-AMS-01QkJ103:9 (W)
X-Env-Go-Biz-Gateway: 0
Api-Cache: false
X-Env-Go-Biz-Agent-Server: 0
X-Px: ms PS-AMS-01QkJ103AMS,ms ianxun22HKG(origin)
Connection: keep-alive
X-SafeLine-Ray: f7b45368e6e7bfe5-ONE
Content-Length: 1734
X-Trace-Id: 747596e7c1b779cb
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: *
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0,s-maxage=60,public
Access-Control-Allow-Credentials: true
X-Ws-Request-Id: 66714f15_PS-AMS-01QkJ103_27830-41242
X-Server-Version: 4.0.0

GET
H2 200 1746093144586043393.png
oss.pqrst123vip.com/siteadmin/upload/img/ 5 KB
6 KB 325ms
306ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1746093144586043393.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

7fd05653a3c7cc9ec1b292392ec2303faadeadd1301c9d008e2adf83a5117d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:44 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669F30CDE347A9C694BC
content-md5: rZx8FvNThhb+F3PRnIqjcw==
x-cache-status: HIT
content-disposition: attachment
rid: 17168de6c18352a8996c21fc122ac06a
content-length: 5347
x-oss-object-type: Normal
c-type: st
last-modified: Sat, 13 Jan 2024 08:53:42 GMT
server: gocache
etag: "AD9C7C16F3538616FE1773D19C8AA373"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 16460511253165360425
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:44 GMT

GET
H2 200 pre_load Show response
riskct.geetest.com/g2/api/v1/ 292 B
661 B 384ms
214ms Script
text/javascript 43.152.44.80
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://riskct.geetest.com/g2/api/v1/pre_load?client_type=web&callback=geetest_1718701852473
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/libs/gt@5/gt.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.44.80 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: TencentEdgeOne /
Resource Hash: 57b656d7e98a29081d163b30ecefd8b1b4cdddce8a06fcb44a877b64e5e6dd3d

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 09:10:44 GMT
server: TencentEdgeOne
eo-cache-status: MISS
etag: "4460b8d975c407be088362ecec5bb625675c5c69"
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: text/javascript;charset=UTF-8
access-control-allow-origin
cache-control: must-revalidate, no-cache, no-store
eo-log-uuid: 13542560382903863587
access-control-allow-headers: Appid, Client-Type, Api-Version, GeeID, Content-Type
content-length: 292
expires: 0

GET
H2 200 true.json Show response
oss.pqrst123vip.com/hall/message/all/index/currency/CNY/frame/true/language/zh/list/0/marqueePage/1/marqueeSize/10/unReadListCount/ 5 KB
4 KB 458ms
405ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/message/all/index/currency/CNY/frame/true/language/zh/list/0/marqueePage/1/marqueeSize/10/unReadListCount/true.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

44cc8d88c270f1d846f97fd57db9f3b50e46c4561bdb8866d8debf29709a35cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:44 GMT
content-encoding: gzip
x-oss-request-id: 66714F14AB8200A5E1C5CE73
content-md5: /vV2NKQWkVKh6xu2Ji8qlA==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: 5836a7bae4428c4e375a0e87fec90fa2
x-oss-object-type: Normal
c-type: df
last-modified: Tue, 18 Jun 2024 08:31:30 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 2714324313475692911
x-oss-server-time: 36
expires: Thu, 01 Jan 1970 00:00:01 GMT

POST
H/1.1 403
Forbidden collect Show response
collect-v6.51.la/v6/ 0
704 B 767ms
246ms XHR
text/plain 47.246.46.182
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL: https://collect-v6.51.la/v6/collect?dt=4
Requested by: Host: sdk.51.la
URL: https://sdk.51.la/js-sdk-pro.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 47.246.46.182 Milan, Italy, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 09:10:45 GMT
Via: cache9.l2de2[184,183,403-0,M], cache9.l2de2[186,0], ens-cache11.it4[196,195,403-1280,M], ens-cache11.it4[196,0]
X-Swift-Error: orig response 4XX error
Age: 0
X-Swift-CacheTime: 0
X-Cache: MISS TCP_MISS dirn:-2:-2
Connection: keep-alive
X-Swift-SaveTime: Tue, 18 Jun 2024 09:10:45 GMT
Content-Length: 0
Server: Tengine
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Ali-Swift-Global-Savetime: 1718701845
Access-Control-Allow-Origin: https://pevi.r4b5u2t.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
EagleId: 2ff62e9f17187018452884085e

GET
H2 200 geeGuard.3a5e3e59702cd1908b3f768b4e8cf4ac.js Show response
static.geetest.com/g5/v1/static/v1.2.0/js/ 176 KB
48 KB 256ms
80ms Script
application/javascript 2606:4700::6811:6c1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.geetest.com/g5/v1/static/v1.2.0/js/geeGuard.3a5e3e59702cd1908b3f768b4e8cf4ac.js
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/libs/gt@5/gt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:6c1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d13c9255f5ad32bb2ba8aa17d8dfa354f7197c118b4f60a310f972cd822b256c

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Origin: https://pevi.r4b5u2t.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:45 GMT
content-encoding: gzip
cf-cache-status: MISS
x-goog-meta-goog-reserved-file-mtime: 1716450151
x-guploader-uploadid: ACJd0NpfyIAb4x1V0IPTbCLdcc5nPmEaHoe7cruBjE39EqPqmNsrgLtrDU2ryBApmkzheVZVb5I
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
last-modified: Thu, 23 May 2024 08:13:46 GMT
server: cloudflare
etag: W/"a8106b63df7e8314443eff1b52a2b79c"
vary: Accept-Encoding
x-goog-generation: 1716452026076954
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=kT8lgw==, md5=qBBrY99+gxREPv8bUqK3nA==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400
x-goog-meta-mtime: 2024-05-23T07:42:31Z
x-goog-stored-content-length: 179830
cf-ray: 895a25e4fb7a9118-FRA
expires: Wed, 19 Jun 2024 09:10:45 GMT

GET
H2 200 5397.f33ef10d17ad2771b5d8.css
pevi.r4b5u2t.com/assets/ 26 KB
0 402ms
402ms Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/5397.f33ef10d17ad2771b5d8.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

5c183acdaa09073a1c465fb31a3d2f5a3da99aee8354d59a6e53026a1afbcca1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:45 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F15F397E2383371C925
content-md5: mSkgsfBhmpkLEqH0e/icBQ==
x-cache-status: MISS
rid: 0aa2ce5d40ad9c45f2989fc42ac8c1b4
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 17804773281902284694
x-oss-server-time: 23

GET
H2 200 5397.7ac13f04cb8f52cf1ac1.js Show response
pevi.r4b5u2t.com/assets/ 12 KB
0 393ms
393ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/5397.7ac13f04cb8f52cf1ac1.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

309a71557cfcebee7e178ebfb4d1930cb24d8bd96692ec623e32bc0e9c8a1f08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:45 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F152BFAC735307DA890
content-md5: tndCBx6ff5uLl8Ztq6JTIw==
x-cache-status: MISS
rid: 32000d9f4562263df4862c9db100664f
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"B67742071E9F7F9B8B97C66DABA25323"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 9094519465166308647
x-oss-server-time: 16

GET
H2 200 1800955388063666177.png
oss.pqrst123vip.com/siteadmin/upload/img/ 196 KB
197 KB 303ms
302ms Image
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/upload/img/1800955388063666177.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

da59ecda54281bc76ce60ae8a9c12eb0e5e614fbcccd571b747d424ce04891cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669F2FD31717EBC90CB3
content-md5: Oi7bKRv+3PJqdIEHP2XjoQ==
x-cache-status: HIT
content-disposition: attachment
rid: 5dd0e2dc2b251ccc27e37179024bf8da
content-length: 200978
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 12 Jun 2024 18:16:43 GMT
server: gocache
etag: "3A2EDB291BFEDCF26A7481073F65E3A1"
vary: Origin
content-type: image/png
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 9999400593492198126
x-oss-server-time: 3
expires: Wed, 19 Jun 2024 09:10:46 GMT

GET
H2 200 appIconBig.png
oss.pqrst123vip.com/cocos/lg/ 33 KB
34 KB 783ms
782ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/cocos/lg/appIconBig.png

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

ba1f090280bfc5cf0cf85be0bf87ebfa60287744a2ae1e3fc48c81b2190b2e93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670669FEA47EC12EDC8414F
content-md5: SC2x5TZcRUg3IuavRnrCYw==
x-cache-status: HIT
content-disposition: attachment
rid: e1e623a3ec57a19849cdd6be1ea2e577
content-length: 34181
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 13 Sep 2023 02:40:59 GMT
server: gocache
etag: "482DB1E5365C45483722E6AF467AC263"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 11223624763464763890
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:46 GMT

GET
H2 200 img_close_s2.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/common/common/common/ 1000 B
2 KB 786ms
786ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/common/common/common/img_close_s2.webp?manualVersion=1&version=c9fd45e75b

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

b89dfb563e5190e9b51fc072865ef7e3c77383cc711dcace5b4993eece6ddfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:46 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F169A4636ED71C1811A
content-md5: DjrAVUiOWlVy1Q1hN0H7BA==
x-cache-status: MISS
content-disposition: attachment
rid: 3db0be9c8539561cb166980ff3251ca8
content-length: 1000
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 18 Jun 2024 02:52:43 GMT
server: gocache
etag: "0E3AC055488E5A5572D50D613741FB04"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 10591120416030325639
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:46 GMT

POST
H2 200 client_report Show response
riskct.geetest.com/g2/api/v1/ 2 KB
2 KB 204ms
203ms XHR
application/json 43.152.44.80
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://riskct.geetest.com/g2/api/v1/client_report
Requested by: Host: static.geetest.com
URL: https://static.geetest.com/g5/v1/static/v1.2.0/js/geeGuard.3a5e3e59702cd1908b3f768b4e8cf4ac.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.44.80 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: TencentEdgeOne /
Resource Hash: 05f60283139baaaadf99a3c056f55a484fbdc23fbe9eef0247678fd2aef47ef5

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: https://pevi.r4b5u2t.com/
API-Version: 1
AppID: 9ia4hndgblg9xihxcwgdjt9ztg8sjwaf
Client-Type: 3
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Tue, 18 Jun 2024 09:10:46 GMT
server: TencentEdgeOne
eo-cache-status: MISS
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://pevi.r4b5u2t.com
cache-control: must-revalidate, no-cache, no-store
eo-log-uuid: 1685412022585381284
access-control-allow-headers: Appid, Client-Type, Api-Version, GeeID, Content-Type
content-length: 1981
expires: 0

OPTIONS
H2 200 client_report
riskct.geetest.com/g2/api/v1/ 0
0 280ms
197ms Preflight
application/json 43.152.44.80
ACE-AS-AP ACE

General

Check archive.org

Show headers Download Go to

Full URL: https://riskct.geetest.com/g2/api/v1/client_report
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 43.152.44.80 Frankfurt am Main, Germany, ASN139341 (ACE-AS-AP ACE, SG),
Reverse DNS
Software: TencentEdgeOne /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: api-version,appid,client-type
Access-Control-Request-Method: POST
Origin: https://pevi.r4b5u2t.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: Appid, Client-Type, Api-Version, GeeID, Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-origin: https://pevi.r4b5u2t.com
cache-control: must-revalidate, no-cache, no-store
content-length: 0
content-type: application/json;charset=UTF-8
date: Tue, 18 Jun 2024 09:10:46 GMT
eo-cache-status: MISS
eo-log-uuid: 15218770548277994801
expires: 0
pragma: no-cache
server: TencentEdgeOne

POST
H/1.1 200
OK heartbeat Show response
hss.dfg123vip.com/hall/home/ 88 B
1015 B 381ms
381ms XHR
text/plain 138.113.211.72
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.dfg123vip.com/hall/home/heartbeat
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: 3fa38eb23424d0902377ffbddfc418facfadcf8c4119e27c3b54609e9336dd7c

Request headers

deviceModel: Chrome126.0.0.0
x-version: 4.0.350
devicetype: 3
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
nonce: 12bdc403-6293-451e-aa08-48d9d8142e75
isWgPackage: false
language: zh
accept-language: zh
isSpeedPackae: false
device: 5bcc1b08-cab7-44e0-a440-3adf14200f3f
x-request-id: 12bdc403-6293-451e-aa08-48d9d8142e75
sign: Yeah9jdu2EiYtW+BQH3Qf2mBaPVQjMnrRtXEwDKZZhW9SQzcoWL4KrmFUws+LDTe
sec-ch-ua-platform: "Win32"
isVest: false
currency: CNY
platformType: 5
domain: pevi.r4b5u2t.com
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
x-object-id: {"uid":"","browserLanguage":"de-DE","om":true,"init":{"created":1718701837727,"version":1718675909000}}
auth: undefined
x-custom-referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept: application/json, text/plain, */*
timestamp: 1718701846
Referer: https://pevi.r4b5u2t.com/
siteCode: 268
newJwt
token: b2e3d672-9d88-47a7-81b4-9d7ffc62054f
clienttimezone: UTC+2
browserfingerid

Response headers

Date: Tue, 18 Jun 2024 09:10:48 GMT
Via: 1.1 ianxun22:6 (W), 1.1 PS-AMS-01QkJ103:9 (W)
X-Env-Go-Biz-Gohal-Server: 0
X-Env-Go-Biz-Gateway: 0
Api-Cache: false
X-Px: ms PS-AMS-01QkJ103AMS,ms ianxun22HKG(origin)
Connection: keep-alive
X-SafeLine-Ray: f7b45368e6e7bfe5-ONE
Content-Length: 88
X-Trace-Id: 7f23f909d9acba77
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: *
Content-Type: text/plain; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
X-Ws-Request-Id: 66714f18_PS-AMS-01QkJ103_27830-41340
X-Server-Version: 4.0.0

OPTIONS
H/1.1 200
OK heartbeat
hss.dfg123vip.com/hall/home/ 0
0 530ms
529ms Preflight
application/octet-stream 138.113.211.72
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.dfg123vip.com/hall/home/heartbeat
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Request-Method: POST
Origin: https://pevi.r4b5u2t.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: auth,browserfingerid,clienttimezone,currency,device,devicemodel,devicetype,domain,isspeedpackae,isvest,iswgpackage,language,newjwt,nonce,platformtype,sign,sitecode,timestamp,token,x-custom-referer,x-object-id,x-request-id,x-version
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 3600
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream
Date: Tue, 18 Jun 2024 09:10:48 GMT
Via: 1.1 ianxun22:6 (W), 1.1 PS-AMS-01QkJ103:9 (W)
X-Px: ms PS-AMS-01QkJ103AMS,ms ianxun22HKG(origin)
X-SafeLine-Ray: f7b45368e6e7bfe5-ONE
X-Ws-Request-Id: 66714f17_PS-AMS-01QkJ103_27830-41330

GET
H2 200 manifest.json Show response
pevi.r4b5u2t.com/ 42 KB
15 KB 375ms
374ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/manifest.json?1718701838607

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

97dc9835b26adf12a447b1b3606c1029e95f06d5898c48b4b13bf29f1a542ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Accept: application/json, text/plain, */*
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:48 GMT
content-encoding: gzip
x-oss-request-id: 66714F18F397E23833A4EE25
content-md5: oGrXjpFcXU6i+EyfsKsaRg==
x-cache-status: MISS
strict-transport-security: max-age=31536000; includeSubDomains
rid: fbcfe3c13c78a2d0bc3e428ee3956234
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: application/json
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 17984663568559877807
x-oss-server-time: 7

GET
H2 200 8971.5c2520428a9bb91e6e51.css
pevi.r4b5u2t.com/assets/ 4 KB
0 382ms
382ms Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/8971.5c2520428a9bb91e6e51.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

ef2f7b8fe39fba05d92730366ca0863bbfe80152a5e259dbe6263f775fa1cadd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F19F397E238335AF125
content-md5: 7eQ3p/hunJZawMb0sZbfcA==
x-cache-status: MISS
rid: 6e62090594fc1a9cb7def2622565c73f
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 5488845247974812126
x-oss-server-time: 13

GET
H2 200 8971.6768564fc47d50ca695c.js Show response
pevi.r4b5u2t.com/assets/ 9 KB
0 525ms
525ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/8971.6768564fc47d50ca695c.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

e7f5c3176818e414720fe53b9431afff5253c9b468be858454c84d4ece7bff98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F197732EB3236CBC1E0
content-md5: ueRoW7FpGTu6Zu+fF1dhbw==
x-cache-status: MISS
rid: e81aedc6c636c8ede70009ba518425b2
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"B9E4685BB169193BBA66EF9F1757616F"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 6610856736314164691
x-oss-server-time: 19

GET
H2 200 floatBar@theme=1.617cff07d092ccc71080.css
pevi.r4b5u2t.com/assets/ 1 KB
0 526ms
526ms Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/floatBar@theme=1.617cff07d092ccc71080.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

c1912af451d41169107500e5d3ac76a523906163882d79844d4eaae15aaace42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:49 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F192BFAC7353051D190
content-md5: qSaIoSy+gU9AaCuL0wQHwA==
x-cache-status: MISS
rid: d55e162f2c100387ac9893841b58cf9a
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 7139581085607995511
x-oss-server-time: 31

GET
H2 200 floatBar@theme=1.887258c8b03a02b6fc70.js Show response
pevi.r4b5u2t.com/assets/ 2 KB
0 523ms
523ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/floatBar@theme=1.887258c8b03a02b6fc70.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/runtime.a781ec1829aecd052d94.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

6178b73d3855366779564098fbf36516c0f69e46b5b92d1b29f9ac2ef44526e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F195ADBFC3936E0AF07
content-md5: 37e6xnyJLJAU4abVqq114Q==
x-cache-status: MISS
rid: ddb997f397de9a11e074a7df37eeafd5
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"DFB7BAC67C892C9014E1A6D5AAAD75E1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 7523333745042891564
x-oss-server-time: 14

GET
H2 200 icon_cz_no.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/common/common/deposit/ 858 B
1 KB 302ms
302ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/common/common/deposit/icon_cz_no.webp?manualVersion=1&version=3e1cc85094

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

72e141e50c8468f4af61394def9226b72a866eb59e615c4037d7efd11ff0b202

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 6670F866F51E44E33A5C31E0
content-md5: DJBi0d1ggd4pr9Nv7SuXLQ==
x-cache-status: HIT
content-disposition: attachment
rid: 949ccea4859b7a2f2566a7a74084d1ab
content-length: 858
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 18 Jun 2024 02:52:46 GMT
server: gocache
etag: "0C9062D1DD6081DE29AFD36FED2B972D"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 10196965084729788952
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:49 GMT

GET
H2 200 icon_cz_no.webp
oss.pqrst123vip.com/siteadmin/skin/lobby_asset/common/common/deposit/ 858 B
0 0ms
0ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/common/common/deposit/icon_cz_no.webp?manualVersion=1&version=3e1cc85094
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 72e141e50c8468f4af61394def9226b72a866eb59e615c4037d7efd11ff0b202

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:49 GMT
x-oss-request-id: 6670F866F51E44E33A5C31E0
content-md5: DJBi0d1ggd4pr9Nv7SuXLQ==
x-cache-status: HIT
content-disposition: attachment
rid: 949ccea4859b7a2f2566a7a74084d1ab
content-length: 858
x-oss-object-type: Normal
c-type: st
last-modified: Tue, 18 Jun 2024 02:52:46 GMT
server: gocache
etag: "0C9062D1DD6081DE29AFD36FED2B972D"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 10196965084729788952
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:49 GMT

GET
H2 200 zh.json Show response
oss.pqrst123vip.com/hall/active/quickList/currency/CNY/language/ 1 KB
2 KB 386ms
385ms XHR
application/json 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://oss.pqrst123vip.com:9002/hall/active/quickList/currency/CNY/language/zh.json

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/2690.d5bd57ae6dd3ba4ad1ce.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

05d92e886338d5be8e34f734f4ba640bcb102bd7b3c580b69e96c81dfa5594b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:49 GMT
content-encoding: gzip
x-oss-request-id: 66714F1947CBA4D812C2325C
content-md5: IMXje6PJNFX0KZ5HTME+gQ==
strict-transport-security: max-age=31536000; includeSubDomains
content-disposition: attachment
rid: ad54ac23bb5c2b264827265dc7f99226
x-oss-object-type: Normal
c-type: df
last-modified: Thu, 13 Jun 2024 21:24:30 GMT
server: gocache
access-control-max-age: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, POST, HEAD, PUT
access-control-allow-origin: *
access-control-expose-headers: Etag
cache-control: no-cache
x-oss-force-download: true
content-type: application/json
x-oss-storage-class: Standard
x-oss-ec: 0048-00000110
x-oss-hash-crc64ecma: 9740046291626600698
x-oss-server-time: 1
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 ActiveImg13093785601847011.gif
oss.pqrst123vip.com/active/ 992 KB
993 KB 307ms
306ms Image
image/gif 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/active/ActiveImg13093785601847011.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

a315d90ee877ec77adf4dcb151307f4c2ed3be5e623302b6c2030322bfada036

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 667066A62FD31717EBC918A1
content-md5: neXZexEv+LiKV7PxFLLRgA==
x-cache-status: HIT
content-disposition: attachment
rid: 938ee830de14d9378d6b4670c0a6516b
content-length: 1015471
x-oss-object-type: Normal
c-type: st
last-modified: Sun, 25 Feb 2024 22:31:41 GMT
server: gocache
etag: "9DE5D97B112FF8B88A57B3F114B2D180"
vary: Origin
content-type: image/gif
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 14083211365579209792
x-oss-server-time: 2
expires: Wed, 19 Jun 2024 09:10:49 GMT

GET
H2 200 ActiveImg1765748035762579.gif
oss.pqrst123vip.com/active/ 117 KB
117 KB 1173ms
1173ms Image
binary/octet-stream 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oss.pqrst123vip.com:9002/active/ActiveImg1765748035762579.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

gocache /

Resource Hash

f94bc8b3890db38bb0e376a667cc8aa9b9efdea0c7c97249c2ad57abe2b1df93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 667066A6DE66931469CAD892
content-md5: UVcRfnNDUZ/lXVYnxhYo3w==
x-cache-status: HIT
content-disposition: attachment
rid: 89772f1ba026ded8080f1e42820d1d5b
content-length: 119612
x-oss-object-type: Normal
c-type: st
last-modified: Wed, 13 Sep 2023 02:39:24 GMT
server: gocache
etag: "5157117E7343519FE55D5627C61628DF"
vary: Origin
content-type: binary/octet-stream
x-oss-ec: 0048-00000110
cache-control: max-age=86400
x-oss-force-download: true
x-oss-storage-class: Standard
accept-ranges: bytes
x-oss-hash-crc64ecma: 7578263118494952964
x-oss-server-time: 1
expires: Wed, 19 Jun 2024 09:10:49 GMT

GET
H2 200 recharge.57caf97b450c557b8d4d.js Show response
pevi.r4b5u2t.com/assets/ 2 KB
0 405ms
405ms Fetch
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/recharge.57caf97b450c557b8d4d.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

9e38372c79a9616db2e08da1896679af6f915532e4e0454f0fb4c5868cb36f57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:50 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F1A2BFAC735307BDF90
content-md5: IP/WlcJVCItIx4T4UnUD5Q==
x-cache-status: MISS
rid: 49906846c55b42e27cd80ab7e05cb17a
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"20FFD695C255088B48C784F8527503E5"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 3664757007914264073
x-oss-server-time: 31

GET
H2 200 recharge.2cb1bd3b7444bdd0ff5f.css Show response
pevi.r4b5u2t.com/assets/ 4 KB
0 397ms
397ms Fetch
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/recharge.2cb1bd3b7444bdd0ff5f.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

61fb09ef75c537fbca7a11eb083bf2930ee71cbc0c8a03a66c90cc3a762d7ccd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:51 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F1B2BFAC73530FAEA90
content-md5: Wmtq7kA52tU7CAkVzMcQ/A==
x-cache-status: MISS
rid: d3ad48a254534fcf101ad2c5fcb75e11
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 2698683913657491424
x-oss-server-time: 19

GET
H2 200 pay.c732e716c0f079e8443a.js Show response
pevi.r4b5u2t.com/assets/ 45 KB
0 526ms
526ms Fetch
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/pay.c732e716c0f079e8443a.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

26ecfe316d394b45a18ee078d8dc798aa327e701ad17c1dd3fd164b034c41545

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:52 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F1C2BFAC7353057F690
content-md5: hyXxoH+3OE+i+X753g3zAg==
x-cache-status: MISS
rid: 4f83881bec4d0320a2fc1b2451ceee52
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"8725F1A07FB7384FA2F97EF9DE0DF302"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 3934010224903514303
x-oss-server-time: 126

GET
H2 200 pay.a0d6227a3d50f7a197af.css Show response
pevi.r4b5u2t.com/assets/ 18 KB
0 419ms
419ms Fetch
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/pay.a0d6227a3d50f7a197af.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

b8e95a0e89184b9276ac27b4453bcfd37aca9a874eeccc954d0cc0af7caf8611

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:53 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F1D2BFAC73530DC0191
content-md5: rs0FbQ5MeHB781PjQSFyPQ==
x-cache-status: MISS
rid: 0adb25c41f09f9ac760d93df91df300f
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 17122815665045505878
x-oss-server-time: 39

GET
H2 200 event.fec58563d85d2c0cf4a3.js Show response
pevi.r4b5u2t.com/assets/ 32 KB
0 397ms
397ms Fetch
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/event.fec58563d85d2c0cf4a3.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

b8cb5377f405cbd8960467b40e3157c4126fc76c515051dadc1ac0b684b7e623

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F1E2BFAC73530370D91
content-md5: uLDHAGoKQQO9QQj24WFOsQ==
x-cache-status: MISS
rid: c344b7f431ed75b3afc9dcd177cc0903
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"B8B0C7006A0A4103BD4108F6E1614EB1"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 1620835675141029270
x-oss-server-time: 9

GET
H2 200 event.dff14c19f77528bc3449.css Show response
pevi.r4b5u2t.com/assets/ 44 KB
0 395ms
395ms Fetch
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/event.dff14c19f77528bc3449.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

17940fe017837565fc0d4b3a8c940ac95431c1eb8d30ae888dee7666d962ba10

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:55 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F1F2BFAC73530B81891
content-md5: Vg+zmaZP3dlFuPANI542QA==
x-cache-status: MISS
rid: ba6f62feb83752ea900c5da9555bf2f7
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 6254772731309435361
x-oss-server-time: 18

GET
H/1.1 200
OK piaspeed.png Show response
hss.dfg123vip.com/ 2 B
477 B 891ms
890ms Fetch
image/png 138.113.211.72
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.dfg123vip.com/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 09:10:56 GMT
Via: 1.1 ianxun22:6 (W), 1.1 PS-AMS-01QkJ103:9 (W)
Access-Control-Max-Age: 3600
X-Ws-Request-Id: 66714f1f_PS-AMS-01QkJ103_27830-41438
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
X-Px: ms PS-AMS-01QkJ103AMS,ms ianxun22HKG(origin)
Connection: keep-alive
X-SafeLine-Ray: f7b45368e6e7bfe5-ONE
Content-Length: 2

GET
H/1.1 200
OK piaspeed.png Show response
hss.54123vip.com/ 2 B
329 B 282ms
279ms Fetch
image/png 137.220.146.142
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.54123vip.com:9003/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.220.146.142 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 10:17:46 GMT
Last-Modified: Mon, 17 Jun 2024 10:17:46 GMT
Server: nginx
ETag: "1718619466"
Access-Control-Max-Age: 3600
X-Cache: HIT, policy, disk
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
Content-Length: 2

GET
H/1.1 200
OK piaspeed.png Show response
hss.ert123vip.com/ 2 B
329 B 285ms
282ms Fetch
image/png 137.220.202.25
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.ert123vip.com:8090/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.220.202.25 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 09:28:37 GMT
Last-Modified: Mon, 17 Jun 2024 09:28:37 GMT
Server: nginx
ETag: "1718616517"
Access-Control-Max-Age: 3600
X-Cache: HIT, policy, disk
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
Content-Length: 2

GET
H2 200 piaspeed.png Show response
dak.8lf24g.com/ 2 B
0 3ms
3ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dak.8lf24g.com:9009/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 0f64bba6d2f5b627d16374b27797971e
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
zng.6a2ex7.com/ 2 B
0 3ms
3ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://zng.6a2ex7.com:9090/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:41 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 254b40b83f489541a6bf9cda540e805e
content-length: 2
expires: Wed, 19 Jun 2024 09:10:41 GMT

GET
H/1.1 200
OK piaspeed.png Show response
www.12378945.com/ 2 B
329 B 359ms
355ms Fetch
image/png 18.162.246.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12378945.com:9006/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.162.246.23 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-162-246-23.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 07:08:54 GMT
Last-Modified: Tue, 18 Jun 2024 07:08:54 GMT
Server: nginx
ETag: "1718694534"
Access-Control-Max-Age: 3600
X-Cache: HIT, policy, disk
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
Content-Length: 2

GET
H/1.1 200
OK piaspeed.png Show response
www.12347089.com/ 2 B
329 B 359ms
356ms Fetch
image/png 18.162.246.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12347089.com:9002/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.162.246.23 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-162-246-23.ap-east-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 06:01:10 GMT
Last-Modified: Tue, 18 Jun 2024 06:01:10 GMT
Server: nginx
ETag: "1718690470"
Access-Control-Max-Age: 3600
X-Cache: HIT, policy, disk
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
Content-Length: 2

GET
H/1.1 200
OK piaspeed.png Show response
hss.b5c6d7e8.com/ 2 B
329 B 279ms
276ms Fetch
image/png 137.220.202.25
CTGSERVERLIMITED-...

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.b5c6d7e8.com:9004/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 137.220.202.25 Tokyo, Japan, ASN152194 (CTGSERVERLIMITED-AS-AP CTG Server Limited, HK),
Reverse DNS
Software: nginx /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Mon, 17 Jun 2024 09:35:46 GMT
Last-Modified: Mon, 17 Jun 2024 09:35:46 GMT
Server: nginx
ETag: "1718616946"
Access-Control-Max-Age: 3600
X-Cache: HIT, policy, disk
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
Content-Length: 2

GET
H2 200 piaspeed.png Show response
sslg.r10cx7.com/ 2 B
0 3ms
3ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://sslg.r10cx7.com:9002/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: ac151d59eadb28e257f403acd8d2d8f6
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
huan.ywm9i5.com/ 2 B
0 3ms
3ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://huan.ywm9i5.com:9007/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 7995d65e981863963f5c0ae63cdeb064
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
kong.rbblr3.com/ 2 B
0 3ms
3ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kong.rbblr3.com:8090/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 06a73d4faebbb5b589c887a4d75dff18
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
lkc.cc3hkx.com/ 2 B
0 4ms
3ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://lkc.cc3hkx.com:9020/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 1091b25cf5e779939c8bb8ff29a88c97
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
cvdn.0075123.com/ 2 B
0 4ms
4ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cvdn.0075123.com:9010/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: f7e69685500e5f1e861b3cac2322a916
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
bfh.nj1wnu.com/ 2 B
0 4ms
4ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bfh.nj1wnu.com/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 3ca4d2f6179b166e751582157b7d11cb
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
ying.zv5838.com/ 2 B
0 4ms
4ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ying.zv5838.com:9090/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 6d59f6dd648c1829f071761b21a0e07d
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H2 200 piaspeed.png Show response
kses.fq4dwq.com/ 2 B
0 4ms
4ms Fetch
image/png 172.65.194.65
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kses.fq4dwq.com:9006/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 172.65.194.65 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: gocache /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:42 GMT
c-type: st
server: gocache
x-cache-status: HIT
access-control-max-age: 3600
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
rid: 0c0284220f8ab7df792ba940af48d5ed
content-length: 2
expires: Wed, 19 Jun 2024 09:10:42 GMT

GET
H/1.1 200
OK piaspeed.png Show response
hss.hjk123vip.com/ 2 B
477 B 888ms
884ms Fetch
image/png 138.113.211.72
ML-1432-54994

General

Check archive.org

Show headers Download Go to

Full URL: https://hss.hjk123vip.com/piaspeed.png
Requested by: Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~9bf88260.1a7c09afdb8922ddb851.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 138.113.211.72 , Canada, ASN54994 (ML-1432-54994, CA),
Reverse DNS
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Tue, 18 Jun 2024 09:10:56 GMT
Via: 1.1 ianxun22:6 (W), 1.1 PS-AMS-01QkJ103:9 (W)
Access-Control-Max-Age: 3600
X-Ws-Request-Id: 66714f1f_PS-AMS-01QkJ103_26016-63891
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: s-maxage=315360000,max-age=0,public
Access-Control-Allow-Credentials: true
X-Px: ms PS-AMS-01QkJ103AMS,ms ianxun22HKG(origin)
Connection: keep-alive
X-SafeLine-Ray: f7b45368e6e7bfe5-ONE
Content-Length: 2

GET
H2 200 1012.0be3a6b06ebb6e73045d.js Show response
pevi.r4b5u2t.com/assets/ 348 B
0 388ms
388ms Fetch
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/1012.0be3a6b06ebb6e73045d.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

f2f71cbc092f754cf4eaedafcdf2aca79b883718ab2c48b9f9293bbd0feac5a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F202BFAC73530C42491
content-md5: FbL+xqFpc0pVatIS+41Zwg==
x-cache-status: MISS
rid: 1ce78cf4bd069de8f70cda8fd8875169
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"15B2FEC6A169734A556AD212FB8D59C2"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 3831756329894386301
x-oss-server-time: 5

GET
H2 200 1012.40b1a56f5f70f1308f4e.css Show response
pevi.r4b5u2t.com/assets/ 983 B
0 391ms
391ms Fetch
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/1012.40b1a56f5f70f1308f4e.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

48fc475629cc4860cc481ffefbcfab88d98bd02ae6ac1269a17a6fc862cff572

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F212BFAC735301F3091
content-md5: ZA760+9k8xGUDzdKaQJrXg==
x-cache-status: MISS
rid: 97c691e48ed0a53a3b988018dff70fb1
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"640EFAD3EF64F311940F374A69026B5E"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 9554868107578888388
x-oss-server-time: 6

GET
H2 200 1014.5020be14f1c55a24b5e7.js Show response
pevi.r4b5u2t.com/assets/ 100 KB
0 3ms
3ms Fetch
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/1014.5020be14f1c55a24b5e7.js

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

0a5573f72522d7018a917c4489f6bfcf2d06111c2ff62dded828e2f016445935

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:43 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F13F397E238335CB025
content-md5: oHjzl61DwtowUx73a22Jkw==
x-cache-status: MISS
rid: 13a0259b4d7e9025a9af1719dfb42b97
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
etag: W/"A078F397AD43C2DA30531EF76B6D8993"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 2965340256998334498
x-oss-server-time: 25

GET
H2 200 1014.c91479027af1a39ff805.css Show response
pevi.r4b5u2t.com/assets/ 68 KB
0 1ms
1ms Fetch
text/css

General

Check archive.org

Show headers Download Go to

Full URL

https://pevi.r4b5u2t.com/assets/1014.c91479027af1a39ff805.css

Requested by

Host: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/main~43dd7041.c829f8fa6fd5dbf99b8e.js

Protocol

Server

-, , ASN (),

Reverse DNS

Software

gocache /

Resource Hash

1c8223c50eaa71654a61d36c36770bdc1facc41b9095360b620f90a4dc7dd0e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://pevi.r4b5u2t.com/home/game?gameCategoryId=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 18 Jun 2024 09:10:43 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
x-oss-request-id: 66714F132BFAC73530BB9090
content-md5: JTajUtDIm/PPupwR7gKeAg==
x-cache-status: MISS
rid: 184b1acb2b983d143e201715cc95cec9
x-oss-object-type: Normal
c-type: pf
last-modified: Tue, 18 Jun 2024 08:51:58 GMT
server: gocache
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31622400
x-oss-storage-class: Standard
x-oss-hash-crc64ecma: 10109345155772341872
x-oss-server-time: 12

GET 1062.0b90fe13db7bc79ec950.js
pevi.r4b5u2t.com/assets/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oss.pqrst123vip.com
URL: https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/1-0-common/web/home/icon_dt_pmd.webp?manualVersion=1&version=v4.0.350

Domain: pevi.r4b5u2t.com
URL: https://pevi.r4b5u2t.com/assets/1062.0b90fe13db7bc79ec950.js

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
pevi.r4b5u2t.com/	1969-12-31 23:59:59	Name: __vtins__3G5l0n5mfz9ldfvG Value: %7B%22sid%22%3A%20%2235cbf7cd-12e7-5368-82d4-5a2dc10f0991%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201718703644687%2C%20%22ct%22%3A%201718701844687%7D
pevi.r4b5u2t.com/	1970-01-21 07:01:01	Name: __51uvsct__3G5l0n5mfz9ldfvG Value: 1
pevi.r4b5u2t.com/	1970-01-21 07:01:01	Name: __51vcke__3G5l0n5mfz9ldfvG Value: 327df7bd-07da-5313-bdcc-81f850f3a214
pevi.r4b5u2t.com/	1970-01-21 07:01:01	Name: __51vuft__3G5l0n5mfz9ldfvG Value: 1718701844701
pevi.r4b5u2t.com/	1970-01-21 07:01:01	Name: gt_local_id Value: b0/80dnuM9OQsTmOn1zYMP1FGIO8Fdm4IzPpXsor9dHd2a1UuNMIwA==

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://oss.pqrst123vip.com:9002/siteadmin/skin/lobby_asset/festival/172/1-0/sprite.svg?manualVersion=1&version=v4.0.350 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://oss.pqrst123vip.com:9002/cocos/maintain-time.json?timestamp=1718701838647 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://stf3v2-268-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/172/1-0/sprite.svg?manualVersion=1&version=v4.0.350 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://stf3v2-268-ppp.oss-accelerate.aliyuncs.com/cocos/maintain-time.json?timestamp=1718701840308 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://stf3v2-268-ppp.oss-accelerate.aliyuncs.com/siteadmin/skin/lobby_asset/festival/172/1-0/sprite.svg?manualVersion=1&version=v4.0.350 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://stf3v2-268-ppp.oss-accelerate.aliyuncs.com/cocos/maintain-time.json?timestamp=1718701841567 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://conn.webpush.theengagelab.com/v1/auth?user_str=undefined&appkey=7bbd705e9924906d7e5f90e7&is_temporary=n Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://collect-v6.51.la/v6/collect?dt=4 Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bfh.nj1wnu.com
collect-v6.51.la
conn.webpush.theengagelab.com
connect.facebook.net
cvdn.0075123.com
dak.8lf24g.com
fpnpmcdn.net
hss.54123vip.com
hss.b5c6d7e8.com
hss.dfg123vip.com
hss.ert123vip.com
hss.hjk123vip.com
huan.ywm9i5.com
kong.rbblr3.com
kses.fq4dwq.com
lkc.cc3hkx.com
oss.pqrst123vip.com
pevi.r4b5u2t.com
riskct.geetest.com
sdk.51.la
sslg.r10cx7.com
static.geetest.com
stf3v2-268-ppp.oss-accelerate.aliyuncs.com
www.12347089.com
www.12378945.com
ying.zv5838.com
zng.6a2ex7.com
oss.pqrst123vip.com
pevi.r4b5u2t.com
114.119.189.26
137.220.146.142
137.220.202.25
138.113.211.72
157.240.252.13
163.181.92.245
172.65.194.65
18.162.246.23
18.245.31.44
2606:4700::6811:6c1
2a03:2880:f084:d:face:b00c:0:3
43.152.44.80
47.246.46.182
47.254.186.236
001004c7e96d62e5af6d5fab37e52e1a8e1164eb5fcd16e67150615f306c713e
021f986ea1c3df961261e3869e0b9d81a6584b083640abb62686a61c6ba83978
0397d3701dcab66d32d6c0b549f2ecce8348b949b5a2f9a8e9e4fbe36e260b10
049175f56194ed5fdf1d1c0ab1ab11c5da6cd4984200fbc8af3bed3813c6915f
049f2ba9c67157e955651a020c11ffe1f0c849c1d37358176c2818f6fa4978f1
05a501bf1cb58c7cbace657a93d36a1885bb037d59392d5e92d0a26d6008a253
05c3f7b93b48f7ccc93c792c6d88e9bfdb294bce7f27f22a711ac69de3217fb4
05d92e886338d5be8e34f734f4ba640bcb102bd7b3c580b69e96c81dfa5594b4
05f60283139baaaadf99a3c056f55a484fbdc23fbe9eef0247678fd2aef47ef5
06a56034a35d3fb45ca74845c053079d232dcbc5567abb7ad5b0a60617fc518f
0a5573f72522d7018a917c4489f6bfcf2d06111c2ff62dded828e2f016445935
0a7ff3b6cf4f4238f9bb37ff6456db8b6a111aec803e9c6628e48b99cc9c9a94
0ad1ba254acba655cefb68afc41d32a785b4630709eda68d58eb7fa67ca85ac5
0d1e20f888da5f1b958c77be20c262141612e2c00a8f31d4771864c1fe415388
0d6a7f07c7dd8ec74591fbd7e7d579e849fd1de9ff8c7a36381b937fe3c4d544
0ea553a33d4ab64c01783be3126c5f40059d6644f2ae43b1cc55c87e1a0b657a
0f3a49c384d66f7dbd41085fdffca7cf6ee8b1c53951e8541ebe31faf67c1f29
101f1a2a0d52c7b6839059d5d249b0a4397d0165a53711e76358b7850481d972
1155ff3e34ec2a662653a9e6b1275ccee7e4e9f02abd673aa55ccad4fce14745
1198d0cecb4a383da7ce4641be9d65d11581bdda0ace71d439802580989a768e
11ab086ecf551fac5e40f679015920b951e055581370d47dff8c9b84165fb476
146bfddc1f7780dd25cf722ca1b53dd75bfbdca3763ce39cfefbd001467afd92
17940fe017837565fc0d4b3a8c940ac95431c1eb8d30ae888dee7666d962ba10
1a56140e21ff5305a82f79038c2a31f44c881143afd153d155a6764f30662066
1c8223c50eaa71654a61d36c36770bdc1facc41b9095360b620f90a4dc7dd0e0
1ca7491cc98904d00033ed6f612c49bae0c55abd110de054d9fc0a8dd2c713b6
22ea7f15509824e86aa0900e5d5f5301734214443ee2f415a6011b94f2bfa821
22ee64671fb4f555d1c4494fc4195b72262e592c2740275e956fd76101c8e6a7
2317f98c4b5bbd6739e0f86242e095da9d44a29c974a13adffe06dea9321aeaf
25af9eb8d862d5b948801058b5c0ed33f064702e7d6a37c3d289ca82aab2d97e
26ecfe316d394b45a18ee078d8dc798aa327e701ad17c1dd3fd164b034c41545
295a9e994b4a2d3c43b9f1a3f0a88da932388034ad3328c502509b91218dd47f
2c374dfc8fff9422636e014f5dc8e3c897895586e50953bcac9bf459fbcce583
2c7899a3ad617e8fa5c3507b677466d7ede10a65ec431a44e648aa82880463d2
2c7c3891db2a9a1ca2edc6fba24444ac74481bb3a73d7fe1859249364f641430
2c95d4a30c4a4f2a3ec721a50d4a2d0331a82399d89a074bc402c4042a897fcb
2f4abcc66b5a48ad54c9017a2730508861519c7221d8d851896a9ced02a80ed2
309a71557cfcebee7e178ebfb4d1930cb24d8bd96692ec623e32bc0e9c8a1f08
32e3ae899ed5a52cfc5be2703b684947b5474aa8e176c79e2c2793169c157d4c
332d6fe2aba96bf3c0f54ce0ba9c0065a56eef9c9de603b2e06891b0ee660a73
346a4ff5ce10bfd322f08f8ccee093d645d7039aa813b7f81d4a0c3edc5b5751
3530250753291a075849316f2bf09994c23ff599fbe700d623fcb397df673568
3594c39fb1deb95e26a2ba2b191354c0397d9296d86e4981ae181c611c5b6eac
36fb43a79a169eb49d42062b2cf0146985d86fc9a7fef14f7a105401f7947cd1
38ef2d791b807288b1ee05b9700d3855281fb88730e348bae10cefdcce464e27
39e749785478b2d09f1ce2a6e7b2ff262a7bba7dec7090356ee1ed36bdd715b7
3ad7a15ea5ec8fe0ee49ee9073499d277de96e403d38ed1bd135d64ef0a1b3d4
3b637749cc9fa68e133eba96d2897a17224502ebcd23c6efadf63818118168b7
3b97f6c480239435610dbf9737fbe8b1f86ed12420c59fbf63f0f8d7b5336e4e
3c6e87d91913ef1bdf80ef25f55e2d1a84661e5613029f5b608005591ebff569
3f1e8b18f11e7a4e47b35dc8927a915a2aa622d2a93af5033da1bce413c6be4f
3fa38eb23424d0902377ffbddfc418facfadcf8c4119e27c3b54609e9336dd7c
3fd353cfc097c53020bae7e5e1155b7190710b442d38f435f5c5e5421621143e
40a57c4f96c3bef9013447a869b2c0bfc112ecaa671779a744b229ce7b374080
40eddcd1c817b6f3ab2cb6e7056bd7677a54c1ba606519b98808b77a5b9a1026
43b028982ebaa83bf333bcb2be1706e5d9f8640238f673b15f1c3b6838ebf77f
44a0da0181d730ed0112ebe3c14982e678877a7abc7f1f5c9cdb81b6516f53b7
44cc8d88c270f1d846f97fd57db9f3b50e46c4561bdb8866d8debf29709a35cb
44d5041f007d30a9b7079bd3a42ef6da96c4cda10a25b1bcc5a0a6f92b0aadcc
465e3df159eeac9c1ea4c55e479f1a3d81015fa4395c2793488ade1534dac191
481dde1414f9a9996cf35cdb7a7fa412adc6b6d41569c9552718e1362da342e9
48fc475629cc4860cc481ffefbcfab88d98bd02ae6ac1269a17a6fc862cff572
49fe0570b8edeb12cd849ef1349b667383db8508ddf2c82a1cead88b4071873c
4b4877375a7af765e2fa097e240b7051b28ca8133929ee7d44c49fedb8231591
4d77e01d895472fc4f8c33c607913d30912de963501c566f178f5a9c7998adfd
4e3bf3e916f836283cc24fd3c0802fcaebe05cbc71d0af4167b34e5b46496629
4e89748aecccae426b960630a5336069417ffad213d305d29c261bff0f6f09c7
502d015f4e694e0bf739b4debe595ee005dfca7c16cf0b4b7e9d806014b1303d
537a5dd43bdccf7aa4460fbce27fdbfc036b97107f3257d5075abf2f69a43182
543b76bf419a268865d87f465f3dc452d99362933b7ebfe2cdad56b57a2721e4
5472cf138d5773231815c06bb22d7aac785439e79e54af9cd9b6b1697b2c703b
5549b0e022db34edbb5059d649cb29500b3e5d6f9c9529e65648e0dc767f5bc8
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
566f82c189aae0d0314cf3c7ed37118ea83ec8dfec0248d725c50f2c40d32f17
57b656d7e98a29081d163b30ecefd8b1b4cdddce8a06fcb44a877b64e5e6dd3d
5c183acdaa09073a1c465fb31a3d2f5a3da99aee8354d59a6e53026a1afbcca1
6009c420ad1516f9ccd8e681e176345218c6deda0f10fe5f09140d540a574aac
6178b73d3855366779564098fbf36516c0f69e46b5b92d1b29f9ac2ef44526e4
61fb09ef75c537fbca7a11eb083bf2930ee71cbc0c8a03a66c90cc3a762d7ccd
62ee1198cf40758a2d3a919eaf275b832b609b9660a3aae7dfc836026a79feb6
649fad5986c97fbe863a36ce87b0d91ef51d5401468227d07846493466ed9122
65793f0fdcbe8bfdf69b1624788f69d2e9e761bd7be6d9cdcadcd222fd312795
6584c85e30d61b232bd133c55a68ab62be14da5192df14983500e2b1eb6c674b
673acff7c1de96eca6522bcd8f83b7d8484a4aec6c096b09a32ce102ec851568
6eab3e177b1e5dffa6a5b131f04a2f29720285bf265b99b769013a715d7d88c6
718c2ee6f3ad762eee0fb4316d59ed3aaa3d63e89b8746fa147a327fe46c3490
7237f9405f451c50158eaa30c2dd8c3fc045e1ee7119c10df10589499da0e73c
726665254f4b0a564a67e5f1de2aabe2038184f4a8a3479c7e0805d139c15bad
72e141e50c8468f4af61394def9226b72a866eb59e615c4037d7efd11ff0b202
73fd95c83b36d3aa1c0a2fe9125bada591ed02b7408b9c26ebb1b983a0908938
7547dfd70de889413591a0a20785888b2ca2af4d3586ca7b3ddf05657a8c67f1
7606695e193fe5040aaa22261808c2775cc30ac17452e1e48b45cd219cf2ee22
763d957571d01db861f89016ad2804906ab693d466638036d3635d88a0527ed9
79273aa0fe5c98f6e79c6e58b8dff3c7135f099bc5925830ae0f924ca8da847c
7bd53601c3d6cdadf1414cc129483dc756fbd455f4592f35b968eea738f3f038
7ee18766441fe9b689a58fe39c47fb865e545c83b247b4a24eb8965ba948fe79
7fd05653a3c7cc9ec1b292392ec2303faadeadd1301c9d008e2adf83a5117d5c
819bfc79bae17b6857d3d667c5c8ed2a9201e296abf89f43f3f0a023136b579c
81d15d630191b5de68b6ae0ad251e87b78d829bda352b132779013d4059458e1
81fa2fd58df999535da8d6290a18abae4f51142f581d1bbcb8981f9f1ce41082
82341aee16d2541d507623f4727ac54ef4776400e97522941d1358c41008fe03
8340d39f84b88a9db8757a9a46884da9eb8a807f0f0cd1f76811e82d994c4a16
890bf4ff46b24c5b1e44fd81d5ce3b3f9a76c58345ca6d1596eac50786c24c51
893cdd7dfe26424cfd71c4836a058d5d8f81503eee3f4434cb4981d8914f2caf
89b0ea2ee92cd41d549993994399dc5c84e7bd6843338a012717b83dbaf4aa69
8f9183c9025e4c8ae4ebfc2895faced5f0a8e2e95eece72e19359e99625ad76f
9041af434ed5779b12f618e94d7ba7ce615d34143f243a425e37e5d12a63a366
9078e9326558644ecca6323f55b128355bd3363c9bab2aa504d18be4aac0ec73
90e152337c4e1fc4485d5ee6d51aaf7f1287eb1561b86e6dcf678de7ea00bf20
9109e1734503ef7599c738349c730363cfc899bada4822154c54b649af634358
96e351a9638485b4589773be0b9e993cd5acf66da3a3dcb5c5e67ab6d5c9dca8
97d9f60a8d889c9f037bd0fda882f76bd316aa4a9b53918457d5ebab43a02394
97dc9835b26adf12a447b1b3606c1029e95f06d5898c48b4b13bf29f1a542ee9
984a79b5b6ddb61594e3c9774933b4c33196d719d44532d589173ad6886791b2
9c62b1499a1c42dcf4a61653b7983b540bd000573de0a699b7858bb0b0f601c7
9c8f3a924c8e0131a2fd7c9171117bccc975c50130091855a01c914042a4c8e3
9c9ac7ae22dcab1d85b709dd46f1c6f2cd4c30f463e46d6a00d88ab65e5e1805
9d98e87b3f773786c524f3c5b61d5bdc45e4c788aa4f19e466ae9b52704f3208
9e1738d39b4613f2625b5ef1ae833165a1ee679afe335f9d80b648f9f76b65a2
9e38372c79a9616db2e08da1896679af6f915532e4e0454f0fb4c5868cb36f57
a0d8c4dffcfae62b0cf302a5a12bf87f55ca9e556962d53984703e01493b4d05
a1d5bf8ec8933449cb840808e756644b585942d4f9abe5a730cbb2ad3cf2ec53
a315d90ee877ec77adf4dcb151307f4c2ed3be5e623302b6c2030322bfada036
a31b03f3d83bfaa85831436a8a5e8bef8576f0e26d31cbaf4c92585178e0a3f8
a4c9516d748c0eb4dd50a9f10038e1edfbef9fd427c60f827b29f4229b3951d6
a610e1423cba37e906bdc4393174e0f2094a85bd756845fa48b2549a3a4b1ec4
a69fa3ccd6ccc8b251dc3609f2c4a2c399e3f94f4583ad590db81c9622cc305d
a782e55d00ab511f2640007b4eefe67a4a27073ccb7ded80139ad7d1e078080e
a8d234a26679c107e349261dbc81ce1954d19ff4e7de990717d665d804fac5c5
aaaf6fa47ae0336ffd96870714c41e705188d241977ff4b52ceeeec303e5437f
ae8b89461f8047826153619a6de4628de87a62db4042db5674e237894848f218
aee3796d488ffb97f8f257f505f6463424ecafa60478e6c5491cdcfae52732a6
aef7a2f55eaef0f6ed25ff8ad6e6ef131a701c42cb2a7577e0b7537641fd154d
b1f31a6b2ab2ff1da1ca3970728d58c5b657f331c168d7a067e837f2c71e5729
b2dfa19bd98ab4a9fddb1f7adf1a9299e10fb349738bef1f2889083abb9855e7
b31400b92b43fdecb3da3189faec45089551743cf463580d058b517bc7356c45
b61d41b5cbf124bbf9700a53277b0105cedb1ec89e6e7d457480aaa4681d20f8
b89dfb563e5190e9b51fc072865ef7e3c77383cc711dcace5b4993eece6ddfd6
b8cb5377f405cbd8960467b40e3157c4126fc76c515051dadc1ac0b684b7e623
b8e95a0e89184b9276ac27b4453bcfd37aca9a874eeccc954d0cc0af7caf8611
b9659119a3c7b13f8d4ac0449275295fa84d46614c5dcfb159b2de90a153ecc1
ba1f090280bfc5cf0cf85be0bf87ebfa60287744a2ae1e3fc48c81b2190b2e93
bbd394b2c45fa9826bae43b22f9760143f89d084496fd554e2630df1c81cabf2
be2dc5a10722af400281a91bbd19cf764e5fa6f0b36123cac1f0154e7666ea9b
be551cb7bbfd15dbd76c0b7e64d94610001554dc59e0c4f6e1a4642faf2934c9
beb78d667055fdefa9a9e19a5dfdfb8abdda09d643e24db1daef79673a712222
bfcdd69af88deaee329207457302e3ddde6fb461082c62fee7e07804d6b2288b
c1912af451d41169107500e5d3ac76a523906163882d79844d4eaae15aaace42
c44e33c8fd6809fad75db9c54d49fe842883126f52a986d8ebd2b3cc00145a37
c54e8eef343ddf228ab711c9f924df5197906aa4c3a7a856cf59017da10d2472
c59929cb3485251d0c6c1e84bbbbd73da5fcd032053a3f675981c48322a060fb
c7c53992a90fa9cd3658ab3daf91b06e48fc6279ade5d12bfb29a7d664ddd6ce
c7d5a459ffcef60356d5b15615583d02415604953f0ee15713286bebb69df0b6
c8a2ea77c506d68eddea1a27762f83809b32e487d95434d6845095cd921f9917
c8f1e2875f04cc67a72b87fd50a65dd3e30755a0bb38c0e2dd00ccee193f4b18
c9c1f2f199b1bde8ce714fc6a41606464af97c669dbcdf1a116c025a11b185c7
ca8fe80de3707a26a3df96efe0a05455fa3fb681a882860bd7eb480902cf7b57
cb465dfdc49522b2eb387961c80e5cfe2f4800c4f42bf0ef79a7b614e5fc1daf
cc90a96fb3c15662a9669fab339c31f494d7c15503d1e6a05bc01b4745e9f3b1
cd77baf5c92b4d189707bc93e6eb78d6bbc43f24a13ff5ee90c84763e690229f
cdeca88d213bee428c18e0e205c64b121044ddafe8c0f8678af3c4caa438b7a3
cf4c65ee5b55716937208daf4147d488862e651b9381929e1d961a65bc1f8701
d13c9255f5ad32bb2ba8aa17d8dfa354f7197c118b4f60a310f972cd822b256c
d190078f5c6e5eb9f4963acf1b5d7109921fe1af31b3fb1d819ddd08c3ee1555
d1c0bcf4d49a938c51b7771c663d799f84469ca270514bea16f64dbcbff3963f
d1f1bfe698f2ffb7b3e7a885a301d58f9554d45df0a31c3e8b53c84b33c80d27
d3ee53a1f476f10915f5b1b3453671428d2a99de0d0c09ad5540e352cf5a8767
d4dfa5f4be8bab46d661def70d28696d4dd1f5ea97993d5b33c2d10406ff1fd4
d590a067a5e53f9fd175c2208c8868cb1ffa41196c89c7cea571d816fe8c5d2c
da59ecda54281bc76ce60ae8a9c12eb0e5e614fbcccd571b747d424ce04891cf
dc5dbfd283de05deaa4901670975c8b2d44640b4e22438859ad6716c9d8b9a20
dcdb299c486d19e2580b3c6c88891420e6541d642de1a945f638ded4615d05d1
dd56b2eeb91319d35a2944cde303b3b3ff768bc9838ce8881015d6915a304b83
dfdef2e56930d6d979c33351a95649af40149c9545f86345fac6eefa5f3313f1
e1d1985b7920d77878b813297efb1b8a4ecb9ed7e541e854d048623c86e511bb
e33948a576ba37bcb8d44cb5954847ce993d658fb78eea6e09a2d180f7f5d36c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3fc400fa4e906282784cd3ada73fca55a160fc88e235d3885ba671e0e44587c
e685a3e2626b5be478fef0d889ffbe20174ff240f6dd5d1bccd3228bb62e5f58
e7de4d9a448af46ba48c0c860e9e1addf8c6f3214cd0af75a3eb0b0c3015c91f
e7f5c3176818e414720fe53b9431afff5253c9b468be858454c84d4ece7bff98
ea9cd306c49d379289c34125209828d3a1141e8bbb252eb585678a006578b0cf
ea9e8565f85f644131f4989bf934805493dcee14ce33d26e4b2655be13bec838
eaa4532ffb0612bc5baf54dae58cfeb25a5a644dbeec379e12cdcf365ec9e202
eabb1c65604b612d86642e8ffa4779ce31aadc0fba5b121d55bd489ffad0b91d
ed1a79f3111823e06fe09482a684c250fee3172621779b83d25d86853ea3ae71
eed68f3f872d19a1da8a6a8e0b53979c67a8d8bcfd605244274ba809c8a7fedf
ef2f7b8fe39fba05d92730366ca0863bbfe80152a5e259dbe6263f775fa1cadd
ef31b2ea46dff3569158dd9825606a6db525e12ee3ff63e6db40660f7a3af546
f2f71cbc092f754cf4eaedafcdf2aca79b883718ab2c48b9f9293bbd0feac5a6
f4d059d677b8a3536c708646dde04e44e75bffcd29d4888a2e1d037ecbb31191
f6b867ccd9e2f07f6b63eeebfec8dea030de76d2bfbc8df28f2ae3be87ba98a9
f6e91d2f19b978c3c2306e6fac1af644685575beff1a608d2dab10bbfb4a118d
f94bc8b3890db38bb0e376a667cc8aa9b9efdea0c7c97249c2ad57abe2b1df93
f9ec534b9f5fe9b2e3e05ad55eca8f595c95be8b66254f1689acaf068a8e1f28
fa208c245c38d5f9e1d7ee6422506944cf9e0d87a9af78983f0f5a8643bad272
fa68ce6d277ff0178c8d35c410529d2f98ba5a26ad633994012a79f7f0a77033
fd672d9667d2e65eb0cbc17f8a2e3f3852f54feb1cab530970673f95c64343a0
fe9f2b8249572c2cf05dd565684a95c757ab1ce9d3620a7ea14acb29b9dbe732

pevi.r4b5u2t.com Open in urlscan Pro 172.65.194.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

277 Requests

79 %HTTPS

14 %IPv6

25 Domains

27 Subdomains

15 IPs

7 Countries

6627 kBTransfer

14894 kBSize

5 Cookies

0 Outgoing links

Redirected requests

277 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

pevi.r4b5u2t.com Open in urlscan Pro
172.65.194.65 Public Scan

Screenshot
Live screenshot

Full Image

277
Requests

79 %
HTTPS

14 %
IPv6

25
Domains

27
Subdomains

15
IPs

7
Countries

6627 kB
Transfer

14894 kB
Size

5
Cookies

277 HTTP transactions
4 data transactions