URL: https://itunessdk.com/
Submission: On November 09 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 12 IPs in 3 countries across 11 domains to perform 32 HTTP transactions. The main IP is 2606:4700:3033::6815:2585, located in United States and belongs to CLOUDFLARENET, US. The main domain is itunessdk.com.
TLS certificate: Issued by GTS CA 1P5 on November 9th 2023. Valid for: 3 months.
This is the only time itunessdk.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address | AS Autonomous System
2 2606:4700:303... | 13335 (CLOUDFLAR...)
6 2606:4700:303... | 13335 (CLOUDFLAR...)
1 2a00:1450:400... | 15169 (GOOGLE)
2 107.148.40.98 | 398823 (PEG-LA)
1 1 2606:4700:303... | 13335 (CLOUDFLAR...)
9 34.78.189.58 | 396982 (GOOGLE-CL...)
2 2a00:1450:400... | 15169 (GOOGLE)
1 192.0.77.48 | 2635 (AUTOMATTIC)
2 2600:9000:206... | 16509 (AMAZON-02)
1 2600:9000:211... | 16509 (AMAZON-02)
2 18.195.235.189 | 16509 (AMAZON-02)
3 2a04:4e42:8d:... | 54113 (FASTLY)
32 12
Apex Domain | Subdomains | Transfer
9 k8.io | landing.k8.io | 85 KB
6 k8.autos | www.k8.autos | 42 KB
3 imgix.net | landing-k8.imgix.net | 533 KB
3 matomo.cloud | cdn.matomo.cloud — Cisco Umbrella Rank: 16488; k8.matomo.cloud | 58 KB
2 imagekit.io | ik.imagekit.io — Cisco Umbrella Rank: 22793 | 47 KB
2 gstatic.com | fonts.gstatic.com | 74 KB
2 1etu.com | 1etu.com | 24 KB
2 itunessdk.com | itunessdk.com | 22 KB
1 w.org | s.w.org — Cisco Umbrella Rank: 2772 | 680 B
1 3ae.jp | 3ae.jp | 518 B
1 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 31 | 1 KB
32 11
Domain | Requested by
9 landing.k8.io | itunessdk.com; landing.k8.io
6 www.k8.autos | itunessdk.com
3 landing-k8.imgix.net |
2 k8.matomo.cloud | cdn.matomo.cloud
2 ik.imagekit.io | landing.k8.io
2 fonts.gstatic.com | fonts.googleapis.com
2 1etu.com | itunessdk.com; 1etu.com
2 itunessdk.com | itunessdk.com
1 cdn.matomo.cloud | landing.k8.io
1 s.w.org | itunessdk.com
1 3ae.jp | 1 redirects
1 fonts.googleapis.com | itunessdk.com
32 12
Subject | Issuer | Validity | Valid
itunessdk.com | GTS CA 1P5 | 2023-11-09 - 2024-02-07 | 3 months
k8.autos | GTS CA 1P5 | 2023-10-25 - 2024-01-23 | 3 months
upload.video.google.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
www.1etu.com | R3 | 2023-09-21 - 2023-12-20 | 3 months
landing.k8.io | R3 | 2023-09-26 - 2023-12-25 | 3 months
*.gstatic.com | GTS CA 1C3 | 2023-10-16 - 2024-01-08 | 3 months
*.w.org | Sectigo ECC Domain Validation Secure Server CA | 2022-12-06 - 2024-01-06 | a year
*.imagekit.io | Amazon RSA 2048 M01 | 2023-02-22 - 2024-03-22 | a year
cdn.matomo.cloud | Amazon RSA 2048 M03 | 2023-10-27 - 2024-11-23 | a year
*.matomo.cloud | Amazon RSA 2048 M02 | 2023-06-21 - 2024-07-19 | a year
*.imgix.com | GlobalSign Atlas R3 DV TLS CA 2023 Q1 | 2023-03-05 - 2024-04-05 | a year

This page contains 2 frames:

Primary Page: https://itunessdk.com/
Frame ID: 4763D169E103BC4BA55FBB0E66CB64CC
Requests: 15 HTTP requests in this frame

Frame: https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Frame ID: 0AA0AEB8E38432673E998B729E4B9D6D
Requests: 17 HTTP requests in this frame

Page Title

k8 カジノ k8 casino - k8.autos

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • /_nuxt/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

Requests: 32
HTTPS: 97 %
IPv6: 67 %
Domains: 11
Subdomains: 12
IPs: 12
Countries: 3
Transfer: 886 kB
Size: 1426 kB
Cookies: 2

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8
  • https://3ae.jp/I5108 HTTP 302
  • https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome

32 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
itunessdk.com/
82 KB
18 KB
Document
General
Full URL
https://itunessdk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2585 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3009f00173235a64d489a962a75bbd48f7618675c283bef0c88750f02fe296af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8234e3a5fcb36ae7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 09:04:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JgX7fAZ9031wQzR0S5AChvnePkwVUE7MmYDUaihoE31j6Hk4FoJesyKmtXfo9aB3VmT6nEa%2FlXfPDzvJ4HzE2KFqZChFkP4GiyShdq5dcWIyFJQIQIr9is2TU99YLoICGktW5hDGIbX2T4km"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding Accept-Encoding, Cookie
html5.js
itunessdk.com/wp-includes/js/
7 KB
4 KB
Script
General
Full URL
https://itunessdk.com/wp-includes/js/html5.js
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2585 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ede7c571d321eaa850b14303287d1618053dc5d0f6198878509d9dbd8dc9777c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://itunessdk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 31 Oct 2023 17:30:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65413999-1b8d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RpTI4r5FttMGx3S%2FArXWlSfsI1QzsaxPrl2gzr%2FeZWa1ixTe8QOawLJfivxzW4mMS60IBng6QLT06ZeAvRVYgc3S4EnI0G7B1OwbHVZ%2F8vZXT6boHnmaMYAEGbhnOAIwZdHKbUf8VeXTCsnA"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8234e3a9087b6ae7-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 Nov 2023 21:04:37 GMT
style.min.css
www.k8.autos/wp-includes/css/dist/block-library/
107 KB
15 KB
Stylesheet
General
Full URL
https://www.k8.autos/wp-includes/css/dist/block-library/style.min.css?ver=6.4
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://itunessdk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 08 Nov 2023 00:02:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"654ad030-1add3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C%2BhWyVm%2F2T1jjvmG8xnKc%2BHbssTDED2WS%2B1GvOGXVtD1AElsFH6GeNXeMTfqX4JPEJmNdmDNgc%2BHoiWu3BO2pP%2FIn26DM3yL5XjnVVUc1EaNfVx1ocBudkQyefc87VUUoSskiyt2URDymFM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8234e3a95f965b4a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 Nov 2023 21:04:37 GMT
rounded-thumbs.min.css
www.k8.autos/wp-content/plugins/contextual-related-posts/css/
2 KB
752 B
Stylesheet
General
Full URL
https://www.k8.autos/wp-content/plugins/contextual-related-posts/css/rounded-thumbs.min.css?ver=3.4.1
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9571be7f559c3c899e939be3a946d1621e8bb5d49acc225d15fe0614adce1fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://itunessdk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 03 Nov 2023 23:50:14 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65458736-611"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kOU5LYCIbiVrIbT3SzwlHH2dGF9kuE%2BFUjjVPTVr2tlERms9s9i3GTI960PAUtrA6jfCiQnlRtD9nlkjGyiDqv0pP10bN%2BRScR4gBP%2FqNdti2bA4Y%2Fdo%2F90qiWbgtQh3clf9%2BF8JWa8KQe8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8234e3a95f985b4a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 Nov 2023 21:04:37 GMT
css
fonts.googleapis.com/
7 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Inter%3A400%2C400i%2C700%2C700i%7CQuicksand%3A400%2C700&subset=latin%2Clatin-ext&display=swap
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d157d20a758729656a84627d91c078b05c66d1ae9ac8115894836f27e0abd52f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://itunessdk.com/
Origin
https://itunessdk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 09 Nov 2023 09:04:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 09 Nov 2023 09:04:37 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Nov 2023 09:04:37 GMT
autoptimize_single_3d393c28094539e3a5387d01ca9ec3b1.css
www.k8.autos/wp-content/cache/autoptimize/css/
65 KB
13 KB
Stylesheet
General
Full URL
https://www.k8.autos/wp-content/cache/autoptimize/css/autoptimize_single_3d393c28094539e3a5387d01ca9ec3b1.css?ver=1.1.1
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3b172c28e742f5468ac55428d8dae6f6c23fe0d11faa19f3714a9b5ad141ab19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://itunessdk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 03 Feb 2023 06:57:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63dcb040-10380"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DYau4g%2FAX%2FWBdgQ%2F4cTxxZN8qqRjeZwXcN6ofwshNAw8Vecg6Vh7pRZ9TYetWqmS1%2FyI0x%2BC8U%2FU7inJX8haTXPhg2OjejT87KHmrzmk3mlxmweP%2BrOyzRy7g2f3qVs1zzccoHakJfg1bd8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
8234e3a95f935b4a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 Nov 2023 21:04:37 GMT
fallback-image.png
www.k8.autos/wp-content/themes/artpop/assets/images/
6 KB
6 KB
Image
General
Full URL
https://www.k8.autos/wp-content/themes/artpop/assets/images/fallback-image.png
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d63969431cb17a3af7205a1dfcdf4de1b9e91496e8efd7ef5bf6addd6cc05c99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://itunessdk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:37 GMT
strict-transport-security
max-age=31536000
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400
content-length
6172
last-modified
Sat, 17 Dec 2022 07:59:03 GMT
server
cloudflare
etag
"639d76c7-181c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nZkiwVD6t0bjBc0FGRI%2FxEzNyQA6kN%2BQYdAc%2Fc06a7FygO6gc51pyuntxAPaDO6%2BkVFj3aQnPbPsovUvWDtpDMhqI8xTeKepAW58oz5wDy%2F187yyrKwXgXDCpAU8pVGN123eCauhoSVWhWw%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8234e3a95f995b4a-FRA
expires
Sat, 09 Dec 2023 09:04:37 GMT
autoptimize_single_098bffb85090b67e7e2e1d9daacdb471.js
www.k8.autos/wp-content/cache/autoptimize/js/
7 KB
2 KB
Script
General
Full URL
https://www.k8.autos/wp-content/cache/autoptimize/js/autoptimize_single_098bffb85090b67e7e2e1d9daacdb471.js?ver=20220905
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3f55aee085335e585c936242a697f15fb96b7c8f72b61d8532296f41cdfd0582
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://itunessdk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:37 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Fri, 03 Feb 2023 06:57:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63dcb040-1b8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IPpRBMDOxwD%2Bum2RGaj95C3BcYS1WbRuHPvWICTY93yG8%2B%2Fy8x0DFsXmFalQjBsuaYbmENMrjYB3orGlx5tkkqlAN3FwWgoKLlgW2k0fpOxNgL%2BrmNk9BaEYbcQS0eZa79nRc8KvvI8zp2Y%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8234e3a95f9a5b4a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 Nov 2023 21:04:37 GMT
matomo.js
1etu.com/
64 KB
24 KB
Script
General
Full URL
https://1etu.com/matomo.js
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/wp-includes/js/html5.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.148.40.98 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://itunessdk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:38 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Fri, 25 Aug 2023 09:56:23 GMT
server
nginx
etag
W/"64e87ac7-10132"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Thu, 09 Nov 2023 21:04:38 GMT
/
landing.k8.io/ Frame 0AA0
Redirect Chain
  • https://3ae.jp/I5108
  • https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
46 KB
9 KB
Document
General
Full URL
https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/wp-includes/js/html5.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.189.58 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.189.78.34.bc.googleusercontent.com
Software
nginx / Nuxt
Resource Hash
ce68f487d953f6e8a4a14eee35cca2a702085f8fe2f8f351edf1245ee3377ec3

Request headers

Referer
https://itunessdk.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html;charset=utf-8
Date
Thu, 09 Nov 2023 09:04:38 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding Accept-Encoding
x-powered-by
Nuxt

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8234e3abdd1835df-FRA
content-type
text/html; charset=UTF-8
date
Thu, 09 Nov 2023 09:04:38 GMT
location
https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HQMn%2BZheNqJcd%2BIYpssUckIYxAFBk6huS4ya3fLquvZR1zWuYAsLn2qxOXy8Q8K6wsBA%2BzkrAPKrgygzFoqWl2JyrDFjFIBkzHYdigUxFCcl7LJEhy%2FNB54bJPt0GdK81raHjsw%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
eac58891-22f4-42cb-b9b3-11df6347e6c8
https://itunessdk.com/
1 KB
0
Other
General
Full URL
blob:https://itunessdk.com/eac58891-22f4-42cb-b9b3-11df6347e6c8
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length
1245
Content-Type
text/javascript
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/
46 KB
46 KB
Font
General
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter%3A400%2C400i%2C700%2C700i%7CQuicksand%3A400%2C700&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://itunessdk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:19:49 GMT
x-content-type-options
nosniff
age
571488
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:19:49 GMT
6xKtdSZaM9iE8KbpRA_hK1QN.woff2
fonts.gstatic.com/s/quicksand/v31/
27 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/quicksand/v31/6xKtdSZaM9iE8KbpRA_hK1QN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Inter%3A400%2C400i%2C700%2C700i%7CQuicksand%3A400%2C700&subset=latin%2Clatin-ext&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a42c91e1ecc9b09346a1520d9a6f98074c13eebfb1cc87c4e82e5992beb685b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://itunessdk.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 18:23:17 GMT
x-content-type-options
nosniff
age
571280
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28064
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:22:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 01 Nov 2024 18:23:17 GMT
wp-emoji-release.min.js
www.k8.autos/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://www.k8.autos/wp-includes/js/wp-emoji-release.min.js?ver=6.4
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:1096 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://itunessdk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:38 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 30 Mar 2023 11:46:07 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6425767f-4904"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tImAH1htb%2BDdM7fJSFzZXjmLxn5DmkxyyS%2FBKlY7F8N6JcTmzjkcYtyzhyv0m0jCcIbrx8LYV9oroG%2B4zd%2FWzLA8eL6cgGtxHNrN5QemNdo0a9kRAP%2BmcbzZGZcEC1juPkBOPKKF20NQWA8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
8234e3ad2aad5b4a-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 09 Nov 2023 21:04:38 GMT
2764.svg
s.w.org/images/core/emoji/14.0.0/svg/
368 B
680 B
Image
General
Full URL
https://s.w.org/images/core/emoji/14.0.0/svg/2764.svg
Requested by
Host: itunessdk.com
URL: https://itunessdk.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.48 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
s.w.org
Software
nginx /
Resource Hash
09a743ee0c32ca57c9be64b13b29c396310d1dd309cb4d7d3be722e47db95f27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://itunessdk.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-nc
HIT hhn 2
date
Thu, 09 Nov 2023 09:04:38 GMT
x-content-type-options
nosniff
last-modified
Tue, 12 Apr 2022 03:47:26 GMT
server
nginx
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, HEAD
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=315360000
accept-ranges
bytes
alt-svc
h3=":443"; ma=86400
content-length
368
expires
Thu, 31 Dec 2037 23:55:55 GMT
matomo.php
1etu.com/
0
138 B
Ping
General
Full URL
https://1etu.com/matomo.php?action_name=itunessdk.com%2F&idsite=27&rec=1&r=622827&h=10&m=4&s=38&url=https%3A%2F%2Fitunessdk.com%2F&_id=2b19bb18a6e4e44d&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=xLUEx6&pf_net=47&pf_srv=491&pf_tfr=27&pf_dm1=653&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: 1etu.com
URL: https://1etu.com/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.148.40.98 , United States, ASN398823 (PEG-LA, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://itunessdk.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://itunessdk.com
date
Thu, 09 Nov 2023 09:04:38 GMT
strict-transport-security
max-age=31536000
access-control-allow-credentials
true
server
nginx
matomo.js
landing.k8.io/js/ Frame 0AA0
698 B
962 B
Script
General
Full URL
https://landing.k8.io/js/matomo.js
Requested by
Host: landing.k8.io
URL: https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.189.58 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.189.78.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
a8e1b559626818442221c09e5e3516db33fecbd283780100d9dd693cc11e13cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 09:04:38 GMT
Last-Modified
Sat, 28 Oct 2023 06:50:04 GMT
Server
nginx
ETag
"2ba-KXQ1FdmC0tc9TSdgCaB7+zK0tJE"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
keep-alive
Content-Length
698
pageInfo.e0f9e00c.css
landing.k8.io/_nuxt/ Frame 0AA0
2 KB
988 B
Stylesheet
General
Full URL
https://landing.k8.io/_nuxt/pageInfo.e0f9e00c.css
Requested by
Host: landing.k8.io
URL: https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.189.58 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.189.78.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e0f9e00cd46aa85fb15638d86068d2d1f1a68f75eee854f3bd4bf73d12c2931b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 09:04:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Oct 2023 06:50:04 GMT
Server
nginx
ETag
W/"925-+/PwfnyjgtFMJL9kN1HEDV0Ak18"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
text/css; charset=utf-8
cache-control
public, max-age=31536000, immutable
Connection
keep-alive
entry.be1630fc.js
landing.k8.io/_nuxt/ Frame 0AA0
140 KB
59 KB
Script
General
Full URL
https://landing.k8.io/_nuxt/entry.be1630fc.js
Requested by
Host: landing.k8.io
URL: https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.189.58 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.189.78.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
2d6a3700f6d78c7ed45d51d296b2971e25c292a0b8d3da07c1bec56efb8488b2

Request headers

Referer
https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Origin
https://landing.k8.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 09:04:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Oct 2023 06:50:04 GMT
Server
nginx
ETag
W/"22ee5-s+eBHv4W4rEfAWRJ4llkG01aFOc"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
cache-control
public, max-age=31536000, immutable
Connection
keep-alive
index.479a6444.js
landing.k8.io/_nuxt/ Frame 0AA0
2 KB
1 KB
Script
General
Full URL
https://landing.k8.io/_nuxt/index.479a6444.js
Requested by
Host: landing.k8.io
URL: https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.189.58 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.189.78.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
1b81e977d9417cace9917c0f734c8c6a8c3074fccdd5eefd34a8f863a6c86194

Request headers

Referer
https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Origin
https://landing.k8.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 09:04:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Oct 2023 06:50:04 GMT
Server
nginx
ETag
W/"645-vh8C9fVgFJChGdpnCXMl0EZ7IOE"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
cache-control
public, max-age=31536000, immutable
Connection
keep-alive
pageInfo.f5746796.js
landing.k8.io/_nuxt/ Frame 0AA0
20 KB
8 KB
Script
General
Full URL
https://landing.k8.io/_nuxt/pageInfo.f5746796.js
Requested by
Host: landing.k8.io
URL: https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.189.58 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.189.78.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
7520b225fcbab9cb2dfd0a9f90b1e376dca88a62e8187120e6fc23f618c607eb

Request headers

Referer
https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Origin
https://landing.k8.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 09:04:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Oct 2023 06:50:04 GMT
Server
nginx
ETag
W/"4e4d-FjUx0cmp1+nQHrdLXPpv7FxEtiY"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
cache-control
public, max-age=31536000, immutable
Connection
keep-alive
vue.f36acd1f.02126f9f.js
landing.k8.io/_nuxt/ Frame 0AA0
390 B
706 B
Script
General
Full URL
https://landing.k8.io/_nuxt/vue.f36acd1f.02126f9f.js
Requested by
Host: landing.k8.io
URL: https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.189.58 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.189.78.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
24640bd7dd318761eaa9f89bbbb92784fbf6a3596f57ecc4b889eb938640b82f

Request headers

Referer
https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Origin
https://landing.k8.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 09:04:38 GMT
Last-Modified
Sat, 28 Oct 2023 06:50:04 GMT
Server
nginx
ETag
"186-4gDKzgRS3/d5zaZA0KsIkB31iP0"
Vary
Accept-Encoding
Content-Type
application/javascript
cache-control
public, max-age=31536000, immutable
Connection
keep-alive
Content-Length
390
loading.jpeg
ik.imagekit.io/gnlf5cryj/ Frame 0AA0
422 B
928 B
Image
General
Full URL
https://ik.imagekit.io/gnlf5cryj/loading.jpeg
Requested by
Host: landing.k8.io
URL: https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:de00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
41292fa413f7046a50242404de2a5f67ed0a98307da1601c24e5c8bfc7fec0f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing.k8.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Sat, 07 Oct 2023 10:58:03 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
2844395
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
422
x-request-id
6fe0cc6f-4c3a-45bb-b95c-ce8e87197d26
etag
W/"1a6-P4lwkS83UFOGaOnEbWxVZ84b1Ms"
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
timing-allow-origin
*
access-control-allow-headers
*
x-amz-cf-id
PHvXYWn0_hZHIsHzQMAm3Y_Cgt6i-LRvk45M733kk7AZ2-S5rbkZDg==
matomo.js
cdn.matomo.cloud/k8.matomo.cloud/ Frame 0AA0
199 KB
58 KB
Script
General
Full URL
https://cdn.matomo.cloud/k8.matomo.cloud/matomo.js
Requested by
Host: landing.k8.io
URL: https://landing.k8.io/js/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:211e:2c00:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
bb80085ad0a71622611dc510c46bd86edd53d05a653fc6d3f1c07c5bc21263fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing.k8.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 06:05:44 GMT
x-amz-version-id
2a5ms9BS3WWa3zjNxvwjsa3POpqGRXAu
content-encoding
gzip
strict-transport-security
max-age=31536000
via
1.1 1ee1abe42f3acbda66e5d1252319566a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
10735
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 02 Nov 2023 04:56:53 GMT
server
CloudFront
etag
W/"ac6976c577d35263e75c996234e0088a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=691200
x-amz-cf-id
1rDPNbXiWHo4zYYb4K0FuzHTnoZqjm9AfwpIESjSEFw_pdyrw6XviQ==
error-404.03d7db21.js
landing.k8.io/_nuxt/ Frame 0AA0
0
3 KB
Other
General
Full URL
https://landing.k8.io/_nuxt/error-404.03d7db21.js
Requested by
Host: landing.k8.io
URL: https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.189.58 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.189.78.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Origin
https://landing.k8.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 09:04:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Oct 2023 06:50:04 GMT
Server
nginx
ETag
W/"19ab-LvSOZSxCfr3hRlTcdwXSQ3YdonU"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
cache-control
public, max-age=31536000, immutable
Connection
keep-alive
error-500.e62d09fc.js
landing.k8.io/_nuxt/ Frame 0AA0
0
1 KB
Other
General
Full URL
https://landing.k8.io/_nuxt/error-500.e62d09fc.js
Requested by
Host: landing.k8.io
URL: https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.78.189.58 Brussels, Belgium, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
58.189.78.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Origin
https://landing.k8.io
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Thu, 09 Nov 2023 09:04:38 GMT
Content-Encoding
gzip
Last-Modified
Sat, 28 Oct 2023 06:50:04 GMT
Server
nginx
ETag
W/"77e-Frde2G/WXP82AvEGomUC5q8aqak"
Transfer-Encoding
chunked
Vary
Accept-Encoding, Accept-Encoding
Content-Type
application/javascript
cache-control
public, max-age=31536000, immutable
Connection
keep-alive
desktop-banner-bg@1x
ik.imagekit.io/k8pworld/landing.k8.io/ Frame 0AA0
45 KB
46 KB
Image
General
Full URL
https://ik.imagekit.io/k8pworld/landing.k8.io/desktop-banner-bg@1x
Requested by
Host: landing.k8.io
URL: https://landing.k8.io/?page=a_and_0_and_b_and_l_and_2_and_d_and_3_and_z&invite=bonusoffer&all=true&Guge=VIP106&Welcome
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:de00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0fdeac35bda4eeeff25754d9ce93b633c6e3d88e4cdab361c21659a660e89d98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing.k8.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 13 Oct 2023 09:13:39 GMT
via
1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
2332259
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
46464
x-request-id
fff0a563-b6c7-418e-b55a-29c5a56678cf
last-modified
Fri, 13 Oct 2023 06:57:17 GMT
etag
"f33fc2e2eb3c48413e2d783b0a136ffe"
vary
Accept
access-control-allow-methods
GET
content-type
image/webp
access-control-allow-origin
*
cache-control
public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server
ImageKit.io
timing-allow-origin
*
access-control-allow-headers
*
x-amz-cf-id
eqzb_WudNcQfCR_uhqnYsg7P69e93kglGnhz1Wl-eilx5v_uOq51Kg==
matomo.php
k8.matomo.cloud/ Frame 0AA0
0
174 B
Ping
General
Full URL
https://k8.matomo.cloud/matomo.php?action_name=landing.k8.io%2F%E3%80%90k8%20%E3%82%AB%E3%82%B8%E3%83%8E%E3%80%91%E6%97%A5%E6%9C%AC%E5%85%AC%E5%BC%8F&idsite=8&rec=1&r=219734&h=10&m=4&s=38&url=https%3A%2F%2Flanding.k8.io%2F%3Fpage%3Da_and_0_and_b_and_l_and_2_and_d_and_3_and_z%26invite%3Dbonusoffer%26all%3Dtrue%26Guge%3DVIP106%26Welcome&urlref=https%3A%2F%2Fitunessdk.com%2F&_id=a3515572248db292&_idn=1&send_image=0&_refts=1699520678&_ref=https%3A%2F%2Fitunessdk.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=SsBfAy&pf_net=99&pf_srv=165&pf_tfr=1&pf_dm1=60&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/k8.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://landing.k8.io/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://landing.k8.io
date
Thu, 09 Nov 2023 09:04:38 GMT
access-control-allow-credentials
true
server
Apache
vary
Origin,X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
configs.php
k8.matomo.cloud/plugins/HeatmapSessionRecording/ Frame 0AA0
116 B
292 B
Script
General
Full URL
https://k8.matomo.cloud/plugins/HeatmapSessionRecording/configs.php?idsite=8&trackerid=9gTiUu&url=https%3A%2F%2Flanding.k8.io%2F%3Fpage%3Da_and_0_and_b_and_l_and_2_and_d_and_3_and_z%26invite%3Dbonusoffer%26all%3Dtrue%26Guge%3DVIP106%26Welcome
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/k8.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.195.235.189 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-235-189.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash
9cf827e18d356e7d8f688a93d6b7c1084b33c94147ec2abfc0e879c8865ceb5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing.k8.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:38 GMT
content-encoding
gzip
server
Apache
content-length
119
vary
X-Forwarded-Port-Override,X-Forwarded-Proto-Override,Accept-Encoding,User-Agent
content-type
application/javascript
pachinko_popular_slot_desktop_4d597bd5df.webp
landing-k8.imgix.net/uploads/ Frame 0AA0
247 KB
247 KB
Image
General
Full URL
https://landing-k8.imgix.net/uploads/pachinko_popular_slot_desktop_4d597bd5df.webp?w=1920&auto=format
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
91b786b2b4d19b7eb53bb1d833addb397d0cd624ffd8b7f23ac10618a22426de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing.k8.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:38 GMT
x-content-type-options
nosniff
age
154773
x-cache
HIT, HIT
x-imgix-id
3bef4f3d557a8ea3b62fb503c2bb903f4edc8420
cross-origin-resource-policy
cross-origin
content-length
252738
x-served-by
cache-sjc1000121-SJC, cache-fra-eddf8230048-FRA
x-imgix-render-farm
02.74792
last-modified
Tue, 07 Nov 2023 14:05:05 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
Top_banner_01_923562ac70.jpg
landing-k8.imgix.net/uploads/ Frame 0AA0
276 KB
277 KB
Image
General
Full URL
https://landing-k8.imgix.net/uploads/Top_banner_01_923562ac70.jpg?w=1920&auto=format
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
ba66599bcd8fe593be397811024bd05cdd620724a70257b742220995058fec00
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing.k8.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:38 GMT
x-content-type-options
nosniff
age
204744
x-cache
HIT, HIT
x-imgix-id
7ee521ee0469653654673a1d24ae921851d721ca
cross-origin-resource-policy
cross-origin
content-length
282694
x-served-by
cache-sjc1000091-SJC, cache-fra-eddf8230048-FRA
x-imgix-render-farm
02.74792
last-modified
Tue, 07 Nov 2023 00:12:14 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*
device_banner_desktop_13835d9f67.webp
landing-k8.imgix.net/uploads/ Frame 0AA0
9 KB
9 KB
Image
General
Full URL
https://landing-k8.imgix.net/uploads/device_banner_desktop_13835d9f67.webp?w=1920&auto=format
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
f1a0044e4763e91a1ed85e44c4cca9d0b9888c7395ef199db95069d396b2250d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://landing.k8.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 09:04:38 GMT
x-content-type-options
nosniff
age
111181
x-cache
HIT, HIT
x-imgix-id
ee27e1074970c5bedacb0ee32f922f994541cec7
cross-origin-resource-policy
cross-origin
content-length
9109
x-served-by
cache-sjc1000130-SJC, cache-fra-eddf8230048-FRA
x-imgix-render-farm
02.74792
last-modified
Wed, 08 Nov 2023 02:11:37 GMT
server
Google Frontend
vary
Accept, User-Agent
content-type
image/avif
access-control-allow-origin
*
cache-control
public, max-age=604800
accept-ranges
bytes
timing-allow-origin
*

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
object| documentPictureInPicture
object| _paq
string| version_
function| _0x1ddea2
function| _0x2f9f
function| _0x5f11
object| _wpemojiSettings
object| twemoji
object| wp
object| Piwik
object| Matomo
object| AnalyticsTracker
function| piwik_log

2 Cookies

Domain/Path Name / Value
itunessdk.com/ Name: _pk_id.27.7e65
Value: 2b19bb18a6e4e44d.1699520678.
itunessdk.com/ Name: _pk_ses.27.7e65
Value: 1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
