Submitted URL: https://zpk.app/
Effective URL: https://s05i0wu4vq5m9e4x.app/casino
Submission: On July 13 via api from BE — Scanned from SG

Summary

This website contacted 5 IPs in 5 countries across 4 domains to perform 34 HTTP transactions. The main IP is 16.163.251.42, located in Hong Kong and belongs to AMAZON-02, US. The main domain is s05i0wu4vq5m9e4x.app.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 4th 2024. Valid for: a year.
This is the only time s05i0wu4vq5m9e4x.app was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests        IP Address      AS      Autonomous System
1 (1 redirects) 202.95.12.144   152194  (CTGSERVER...)
2               16.163.251.42   16509   (AMAZON-02)
17              104.18.16.119   13335   (CLOUDFLAR...)
2               18.155.68.12    16509   (AMAZON-02)
3               203.107.62.161  37963   (ALIBABA-C...)
Total: 34 requests, 5 IPs

Requests  Domain                                 Requested by
17        qwerpi56k009fluid.nfjk3hu.app          s05i0wu4vq5m9e4x.app, qwerpi56k009fluid.nfjk3hu.app
3         vd009-bhtpeu4xrn-bgp-api.0571kowa.com  qwerpi56k009fluid.nfjk3hu.app
2         i18n-vd009.0571kowa.com                qwerpi56k009fluid.nfjk3hu.app
2         s05i0wu4vq5m9e4x.app
1         zpk.app (1 redirects)
Total: 34 requests, 5 subdomains

This site contains no links.

Subject               Issuer                                      Validity                 Valid
s05i0wu4vq5m9e4x.app  Go Daddy Secure Certificate Authority - G2  2024-05-04 - 2025-05-04  a year
nfjk3hu.app           WE1                                         2024-06-16 - 2024-09-14  3 months
0571kowa.com          R11                                         2024-06-09 - 2024-09-07  3 months

This page contains 1 frames:

Primary Page: https://s05i0wu4vq5m9e4x.app/casino
Frame ID: 1E14018C202C67CE01ED1FA22FFBE46C
Requests: 28 HTTP requests in this frame

Page Statistics

Requests: 34
HTTPS: 71 %
IPv6: 0 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 5
Transfer: 691 kB
Size: 2360 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://zpk.app/ HTTP 302
    https://s05i0wu4vq5m9e4x.app/casino Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request casino
s05i0wu4vq5m9e4x.app/
Redirect Chain
  • https://zpk.app/
  • https://s05i0wu4vq5m9e4x.app/casino
45 KB
15 KB
Document
General
Full URL
https://s05i0wu4vq5m9e4x.app/casino
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
16.163.251.42 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-163-251-42.ap-east-1.compute.amazonaws.com
Software
nginx / Express
Resource Hash
00f7cbd2afffd0b96aa4652a79ff2ee2ad6afa39465ae24294c2a21fcb41ec77

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Sat, 13 Jul 2024 14:51:13 GMT
etag
W/"b41c-Zoc9HJfKsXG/7gG/Ea0qUk6/aS8"
server
nginx
x-powered-by
Express

Redirect headers

content-type
text/html; charset=UTF-8
date
Sat, 13 Jul 2024 14:51:13 GMT
location
https://s05i0wu4vq5m9e4x.app/casino
server
nginx
strict-transport-security
max-age=31536000
index-b007f853.js
qwerpi56k009fluid.nfjk3hu.app/assets/
1 MB
340 KB
Script
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Requested by
Host: s05i0wu4vq5m9e4x.app
URL: https://s05i0wu4vq5m9e4x.app/casino
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3b8ab20e5e5827ad5d23c553d0b341787e840b1cbf63b73c8b01175dbd7f00f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s05i0wu4vq5m9e4x.app/
Origin
https://s05i0wu4vq5m9e4x.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:13 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
6ZJYCWX2ZDXG3ED8
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ief/Tnqwe+dLXamuETPRHHlPH5r/XS+V+KALPtbB0J3UHU34teN3J0BF9EBc/A6FsNgOkeeLl44=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:49:17 GMT
server
cloudflare
etag
W/"1ba16e7780399bf02ba7c4337cfde476"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a17033d1bab5b-SIN
expires
Tue, 13 Aug 2024 14:51:13 GMT
index-d6adb384.css
qwerpi56k009fluid.nfjk3hu.app/assets/
240 KB
32 KB
Stylesheet
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-d6adb384.css
Requested by
Host: s05i0wu4vq5m9e4x.app
URL: https://s05i0wu4vq5m9e4x.app/casino
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6adb384485ced87476d806c49e79f151f2f2135bb19ef43302bef6bd02c60f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s05i0wu4vq5m9e4x.app/
Origin
https://s05i0wu4vq5m9e4x.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
6ZJT8FJ3V9E82B57
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ETK4qa5OpCEcVsjTmIXa1xRyJ0tY83/BhHQfuh0LA5Tabuy6G0B4dCDfg5zgwXE7NHeZ8Mm6I04=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:49:26 GMT
server
cloudflare
etag
W/"077cee298513dde499d75d2cbc211c29"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
text/css
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a17033d18ab5b-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
registerSW.js
qwerpi56k009fluid.nfjk3hu.app/
134 B
837 B
Script
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/registerSW.js
Requested by
Host: s05i0wu4vq5m9e4x.app
URL: https://s05i0wu4vq5m9e4x.app/casino
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9742073ef7fc795e7673d98f272992843298426a0ffd8cb3507784df5143608b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s05i0wu4vq5m9e4x.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:13 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-request-id
FQYD7W1WSRPTKV2Y
age
1893
alt-svc
h3=":443"; ma=86400
x-amz-id-2
iC9+Yvmm+7dcB8ZsTBOvQuVGzW/ZJExXnZ/JqG660KaBZT0t/yaUfN/8hDjiZF1QI73U0yQkDak=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:51:27 GMT
server
cloudflare
etag
W/"1872c500de691dce40960bb85481de07"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
cache-control
public, max-age=14400
cf-ray
8a2a17033d059cde-SIN
expires
Sat, 13 Jul 2024 18:51:13 GMT
ua-parser-0e9b20a1.js
qwerpi56k009fluid.nfjk3hu.app/assets/
17 KB
9 KB
Script
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/ua-parser-0e9b20a1.js
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b894383ca1f01e315a47e35013c0e65bb6b7798685a39e913182f86889b88968
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin
https://s05i0wu4vq5m9e4x.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
SKGB4M9VX2J9WFGA
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tAZjlegiB1foZp9QhPDgYe1Pc3bMG1QL9dwNzJjR9PnbkHiGhOYMnu++6Ku8irTiOBSb+tiYOoU=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:51:12 GMT
server
cloudflare
etag
W/"f9bec89e3aa43cdb5ff20bbc78000088"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a170568b3ab5b-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
fp.esm-abe10519.js
qwerpi56k009fluid.nfjk3hu.app/assets/
38 KB
17 KB
Script
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/fp.esm-abe10519.js
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af92a2426666cf50880be9c7f54f25af5fa6953cd3b22b60d9171053bce240d3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin
https://s05i0wu4vq5m9e4x.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
SKG245B15QAJP0N7
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ORX4MRe6dDRuViwu6C/P348rnmAwhNNg+3O9fnDzuBo16Q4JE+A9A9TIX4aUkXC253KJpJj8PA8=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:48:17 GMT
server
cloudflare
etag
W/"66d8e11e50fbe7fb091939a0a13d0091"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a170588eeab5b-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
index-7b95a78f.js
qwerpi56k009fluid.nfjk3hu.app/assets/
81 KB
25 KB
Script
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-7b95a78f.js
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0819f7f52433c0e89f68976f9528ae67d49af3f3ff3a1646323aa0c6da75b9fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin
https://s05i0wu4vq5m9e4x.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
SKG42WDNHGEBCP07
alt-svc
h3=":443"; ma=86400
x-amz-id-2
aWs2Vcy6HETf4LjEQfGizyhF77flMhfm+rjj9/GCyTl02pQ4rByvM/8L74uEMshlD1CrZPWmNQY=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:49:04 GMT
server
cloudflare
etag
W/"45d5b382aadeaf52b69b17e811b83a48"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a1705d945ab5b-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
im-b45c2990.js
qwerpi56k009fluid.nfjk3hu.app/assets/
10 KB
3 KB
Script
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/im-b45c2990.js
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
662574d7f16b53bfc4a725df11c630d32625db17f2bdee9820074904095db9db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin
https://s05i0wu4vq5m9e4x.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
SKG0QK6Q1EDQ369M
alt-svc
h3=":443"; ma=86400
x-amz-id-2
As2ywaiL/OSBMjckDgT4qRS0xpOPlIm6254E+1Fjb8eFeDBYeFeAQQmllok9YX0uBO1hq3KLDI4=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:48:34 GMT
server
cloudflare
etag
W/"1266c4db2c2697e8600cafa01ddf1334"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a1705d94cab5b-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
zh_CN-2f145d4f.js
qwerpi56k009fluid.nfjk3hu.app/assets/
535 KB
138 KB
Script
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/zh_CN-2f145d4f.js
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b6a1f54e198086396b46e6086b419ce61c788fd41746f1506c079948ccd689a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin
https://s05i0wu4vq5m9e4x.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
SKG4V7A5KQKCHAPT
alt-svc
h3=":443"; ma=86400
x-amz-id-2
mr3yr0bamGSlivFaKiS5coN/V6yTyol2h8gdeq/uqN+VDsJKR0Vo8Aevnra+9nbBnw7cnjYipD4=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:51:26 GMT
server
cloudflare
etag
W/"309d1b9151447cda66e71ce7c733eace"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a1705d954ab5b-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
logo-f5ac4820.js
qwerpi56k009fluid.nfjk3hu.app/assets/
2 KB
1 KB
Script
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/logo-f5ac4820.js
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6cbc84030b009a2340f24f56d9f850983a46b4a5e2f2fb111a46c5e2674543ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin
https://s05i0wu4vq5m9e4x.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
SKG0PVCAKT2HNSGP
alt-svc
h3=":443"; ma=86400
x-amz-id-2
pq4kgVxzyxBmhg/piM8h1asbkp07/E8LfWfbHtDAPM3Cvs7LxgDsFIljvdThv5541uGV8hw3rIc=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:50:40 GMT
server
cloudflare
etag
W/"34ceab4a08939ba257753075db2df625"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a1705d957ab5b-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
region-block-b6703bf8.js
qwerpi56k009fluid.nfjk3hu.app/assets/
523 B
1014 B
Script
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/region-block-b6703bf8.js
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
432c7f3dbbb6a7ca50ba18cdc0f3fda8262ce58961e6a51bac17917017f7dfa8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin
https://s05i0wu4vq5m9e4x.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
SKGA375V6Y02WHJQ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
EoMUazxc43plNjy3a0Qk/IdE1b3NvAkBS5SIzjVN/Z2i5Z2XrAMkZxceTMLeKLK7uetY3kHj+Uo=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:50:52 GMT
server
cloudflare
etag
W/"be36b94eb1c2fa4869732a98981ef958"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a1705d95aab5b-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
fluid
i18n-vd009.0571kowa.com/api/v2/i18n/PROD/version/
53 B
432 B
XHR
General
Full URL
https://i18n-vd009.0571kowa.com/api/v2/i18n/PROD/version/fluid
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-12.sin52.r.cloudfront.net
Software
nginx/1.14.1 /
Resource Hash
e63dc064cd6275cfcfa04bf5ebab683da7afcc8d37e94fa4b849e59b1370b4a9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://s05i0wu4vq5m9e4x.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:05 GMT
content-encoding
gzip
via
1.1 f7caf16a2d753babfb1d264f0586f374.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.14.1
x-amz-cf-pop
SIN52-P1
age
9
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
81
x-amz-cf-id
KceqUHzc6IWgERo3O0sEnnwzHVYGi_D94DNPsiTw2Qgt2s49BZ_4IQ==
favicon.ico
s05i0wu4vq5m9e4x.app/
707 B
966 B
Other
General
Full URL
https://s05i0wu4vq5m9e4x.app/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
16.163.251.42 , Hong Kong, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-16-163-251-42.ap-east-1.compute.amazonaws.com
Software
nginx /
Resource Hash
51f52733becdf015f24066af1255eff945117a995f8b5a3515fe3ab40e617713

Request headers

Referer
https://s05i0wu4vq5m9e4x.app/casino
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
last-modified
Tue, 09 Jul 2024 03:51:27 GMT
server
nginx
x-amz-request-id
SKG0A7QVGWQAVK4F
etag
"09a4f00d1f882a88efb83e098bd445f6"
content-type
image/vnd.microsoft.icon
content-length
707
x-amz-id-2
psQjbaFCeYc/rrxUJ0JMgh8wXsoNR9dIn+RgXBCONAJX9Vu1GWwrWZbQ5z8eGE+omeDA/Cr5zAE=
device-list-3c44e804.js
qwerpi56k009fluid.nfjk3hu.app/assets/
74 KB
17 KB
Script
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/device-list-3c44e804.js
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fef970be58a3455000217ba6c85bc1b0f476472fff17ae770ee3f227aa6dfa78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin
https://s05i0wu4vq5m9e4x.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
SKG5TB74ENRB5W5J
alt-svc
h3=":443"; ma=86400
x-amz-id-2
+Zup2dnvSIWjXp4PgfTWEzscJ2dI7gSKXOSZPnQ3R5ibfdRZnhrTeyXkylSxOVmi1s9vpGarsTk=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:48:08 GMT
server
cloudflare
etag
W/"94dc1181ca5b36267153a0490f4fb422"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a17067a62ab5b-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
bd9-ipBlock-bb62ce1e.png
qwerpi56k009fluid.nfjk3hu.app/assets/
0
0

bd9-ipBlock-db70d701.webp
qwerpi56k009fluid.nfjk3hu.app/assets/
53 KB
54 KB
Image
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/bd9-ipBlock-db70d701.webp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db70d701be36cb0afcec5fbf2fcec28f52893cb3fd2ced874c2e1ca6a16e3d99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s05i0wu4vq5m9e4x.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
0GVPHN4QRM4CHKYS
age
252415
alt-svc
h3=":443"; ma=86400
content-length
54482
x-amz-id-2
icsltXBrhAhbCAdNsX3ECjvO4I/ES0Kii7fG6WzPqrqTukDKpmhJoUSt6POX6OWQFcpr+be25KM=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:47:52 GMT
server
cloudflare
etag
"9d160c2a9d20bde8526cffeb02427ff2"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
binary/octet-stream
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
8a2a17077a799cde-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
bd9-service-2132c6b1.svg
qwerpi56k009fluid.nfjk3hu.app/assets/
3 KB
2 KB
Image
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/bd9-service-2132c6b1.svg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2132c6b1199447001d06dec07fa72a94b710674fc87120281bbfe2eaab6b8562
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s05i0wu4vq5m9e4x.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
x-amz-request-id
0GVKMF308P26B51K
age
252415
alt-svc
h3=":443"; ma=86400
x-amz-id-2
JMerZgZvmJ39exLGeA3rhQUU9Pspul2pgrRJXZWbtdQ8p320lR+EGZwqO3tv0TlZDpDZt9HAOfY=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:47:52 GMT
server
cloudflare
etag
W/"3af446670f3ea28982c82376e327d071"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/svg+xml
cache-control
public, max-age=2678400
cf-ray
8a2a17077a7b9cde-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
bd9-primary_logo-94aaed50.png
qwerpi56k009fluid.nfjk3hu.app/assets/
16 KB
17 KB
Image
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/bd9-primary_logo-94aaed50.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
94aaed50f0651a165a80039013d5d56d5ceb60a023702875001a096b1e38c8e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s05i0wu4vq5m9e4x.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
0GVXZ65ARY1AFNMC
age
252415
alt-svc
h3=":443"; ma=86400
content-length
16696
x-amz-id-2
EeYy/u4mUBzg4B4B5HNWc9OxeUp9Mwz8bWeLNZXXQvqkQk1z/zv5RSFykCuTxLDgrW5D4seEL0s=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:47:52 GMT
server
cloudflare
etag
"8bf949c270162aa5f46f678cc2325d1d"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
8a2a17077a7e9cde-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
temp_video-171d08a4.mp4
qwerpi56k009fluid.nfjk3hu.app/assets/
6 KB
7 KB
Media
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/temp_video-171d08a4.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
171d08a4273625dea9657553180e46645df43f2b14ced5e29b470bd8132dda47
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://s05i0wu4vq5m9e4x.app/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
HIT
x-amz-request-id
0GVN08SWQCSFBDPT
age
252415
Content-Range
bytes 0-6237/6238
alt-svc
h3=":443"; ma=86400
Content-Length
6238
x-amz-id-2
D/Qp+VyqxrApX82c9egilS92KXphquCMw4rTZ+IQ/VHXWPxC+Dc01sYGiKUfWcjcqQ4BDZFvMm4=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:51:08 GMT
server
cloudflare
etag
"d4275dbe32ed8f49a4fbfa98c47537eb"
expect-ct
max-age=86400, enforce
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
video/mp4
cache-control
public, max-age=2678400
cf-ray
8a2a17078a899cde-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
zh_CN
i18n-vd009.0571kowa.com/api/v2/i18n/PROD/diff/fluid/49/62/
2 KB
2 KB
XHR
General
Full URL
https://i18n-vd009.0571kowa.com/api/v2/i18n/PROD/diff/fluid/49/62/zh_CN
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.155.68.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-155-68-12.sin52.r.cloudfront.net
Software
nginx/1.14.1 /
Resource Hash
1ff3d6cae6615c4ccb17f49070dc7779e7512c4ee7d4d8ca8605e11f90c18f51
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
application/json, text/plain, */*
Referer
https://s05i0wu4vq5m9e4x.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:05 GMT
content-encoding
gzip
via
1.1 f7caf16a2d753babfb1d264f0586f374.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx/1.14.1
x-amz-cf-pop
SIN52-P1
age
9
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
1215
x-amz-cf-id
-Gmxs_nqOG9yswQ155c0M5CtkqZwyNFmd0VGio2_vvMziJ0b7ZauqQ==
downloadCheckRegion
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/
0
0

downloadCheckRegion
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/
0
0
Preflight
General
Full URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/downloadCheckRegion?device=undefined
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-uuid
Access-Control-Request-Method
GET
Origin
https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Sat, 13 Jul 2024 14:51:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://s05i0wu4vq5m9e4x.app
timezone-af45c9c0.js
qwerpi56k009fluid.nfjk3hu.app/assets/
1 KB
1 KB
Script
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/timezone-af45c9c0.js
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
736251a8d4a5dc11d223bc75a262b6c85f56dadd076c92fcdf6ba5bc66ad11c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Origin
https://s05i0wu4vq5m9e4x.app
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
SKG5HBHTDJXHPQ2X
alt-svc
h3=":443"; ma=86400
x-amz-id-2
tR2z+LQ6oOxbviiC/UALJUN/maGW724+61xwx0+JEsE0P3GJBW80EKOfsuDIVVB9XnIOvjDnNcs=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:51:11 GMT
server
cloudflare
etag
W/"9c5c277a1f8bcc055ce23f188a16794c"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a1708edf2ab5b-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
timezone_zh-cn-e8c29cd6.json
qwerpi56k009fluid.nfjk3hu.app/assets/
35 KB
10 KB
XHR
General
Full URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/timezone_zh-cn-e8c29cd6.json
Requested by
Host: qwerpi56k009fluid.nfjk3hu.app
URL: https://qwerpi56k009fluid.nfjk3hu.app/assets/index-b007f853.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.16.119 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8c29cd671d59670858240aa2657077e4516b527c124043cc2c7eae1ecb11ec9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json, text/plain, */*
Referer
https://s05i0wu4vq5m9e4x.app/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Sat, 13 Jul 2024 14:51:14 GMT
x-amz-version-id
null
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
x-amz-request-id
SKG7NCM8NK3RS6QK
alt-svc
h3=":443"; ma=86400
x-amz-id-2
UEZBEsPZ5DXIH74rOM6wyBSP4/yQfmP5F//wVcAikG8y5I8lJrG2Nl1wNUcEQIuebtnFUAiDI38=
x-xss-protection
1; mode=block
referrer-policy
same-origin
last-modified
Tue, 09 Jul 2024 03:51:11 GMT
server
cloudflare
etag
W/"e60f8ea56df39a261145207b9cc23c29"
expect-ct
max-age=86400, enforce
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
ETag
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
public, max-age=2678400
x-frame-options
SAMEORIGIN
cf-ray
8a2a1709def8ab5b-SIN
expires
Tue, 13 Aug 2024 14:51:14 GMT
mapping
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/thirdparty/game/currency/
0
0

config
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/
0
0

language
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/
0
0

constants
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language/
0
0

mapping
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/thirdparty/game/currency/
0
0
Preflight
General
Full URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/thirdparty/game/currency/mapping?isLogin=false
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
apptype,browser,device,screen,time-zone,x-uuid
Access-Control-Request-Method
GET
Origin
https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Sat, 13 Jul 2024 14:51:16 GMT
access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,pc
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://s05i0wu4vq5m9e4x.app
customerService
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/sysmaintenance/
0
0

config
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/
0
0

language
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/
0
0

constants
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language/
0
0
Preflight
General
Full URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language/constants
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
203.107.62.161 , China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
accept-language,apptype,browser,device,pvd,screen,time-zone,x-uuid
Access-Control-Request-Method
GET
Origin
https://s05i0wu4vq5m9e4x.app
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Date
Sat, 13 Jul 2024 14:51:17 GMT
access-control-allow-credentials
true
access-control-allow-headers
accept,accept-language,access-control-request-method,access-control-request-headers,authorization,content-type,origin,user-agent,x-access-token,time-zone,os,screen,client,device,browser,appVersion,phoneBrand,phoneModel,deviceMode,cks,appType,currency,x-uuid,sport-token,pvd
access-control-allow-methods
GET,HEAD,OPTIONS,PUT,POST,PATCH,DELETE
access-control-allow-origin
https://s05i0wu4vq5m9e4x.app
customerService
vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/sysmaintenance/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
qwerpi56k009fluid.nfjk3hu.app
URL
https://qwerpi56k009fluid.nfjk3hu.app/assets/bd9-ipBlock-bb62ce1e.png
Domain
vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/downloadCheckRegion?device=undefined
Domain
vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/thirdparty/game/currency/mapping?isLogin=false
Domain
vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/config?terminal=1&isLogin=false
Domain
vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language
Domain
vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language/constants
Domain
vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/sysmaintenance/customerService
Domain
vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/user/tiger-system/config?terminal=1&isLogin=false
Domain
vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/im/api-gateway/v1/anchor/web-anchor/language
Domain
vd009-bhtpeu4xrn-bgp-api.0571kowa.com
URL
https://vd009-bhtpeu4xrn-bgp-api.0571kowa.com/platform/sysmaintenance/customerService

Verdicts & Comments

18 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _env_
string| _version
object| vendorEnv
object| oldEnvConfig
object| oldIpInfo
object| ipInfo
object| deferredCallbackList
boolean| isOnline
object| isOnlineCallbackList
function| notifyIsOnline
function| getNewSportConfig
object| $env
function| subscribeDeferredPrompt
function| subscribeIsOnline
object| log
function| Hammer
object| $lotteryObserver
boolean| __vite_is_modern_browser

2 Cookies

Domain/Path Name / Value
.nfjk3hu.app/ Name: __cf_bm
Value: jHrh8GzInrs6kwpHfuJE4ZEb.hGW18l9buE.2o6trI4-1720882273-1.0.1.1-2GM4yPTyOSRhMVfu1rudKBwWe6bTaqpmGwGwKNN38GuS0E1VnDiMnI6Tr10mKURbg76NRMZjJn0Xnqhaf9DwfA
.nfjk3hu.app/ Name: _cfuvid
Value: 0QKMq5Gii8k8crqM2JO8H0KlNqhJjtNAUO5SHfKvcAw-1720882273815-0.0.1.1-604800000

1 Console Messages

Source Level URL
Text
network error
Message:
A bad HTTP response code (404) was received when fetching the script.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
