urlscan.io logo urlscan.io
SecurityTrails logo

k8player.com Open in urlscan Pro
2606:4700:4400::ac40:91cf  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://getsteamgifts.com/
Effective URL: https://k8player.com/?invite=PachinkoClub&From=VIP98&modal=register&tab=account
Submission Tags: phishingrod
Submission: On June 18 via api from DE — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 5 countries across 11 domains to perform 40 HTTP transactions. The main IP is 2606:4700:4400::ac40:91cf, located in United States and belongs to CLOUDFLARENET, US. The main domain is k8player.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 24th 2024. Valid for: 10 months.
This is the only time k8player.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 22 188.114.97.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 104.17.24.14 13335 (CLOUDFLAR...)
2 172.67.178.66 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
40 10
22    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
getsteamgifts.com
www.getsteamgifts.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    172.67.178.66 (United States)

ASN13335 (CLOUDFLARENET, US)
y8.hk
4    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
region1.google-analytics.com
1    2a00:1450:400c:c0a::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.nl
2    2606:4700:4400::ac40:91cf (United States)

ASN13335 (CLOUDFLARENET, US)
k8player.com
Apex Domain
Subdomains		 Transfer
22 getsteamgifts.com
getsteamgifts.com
www.getsteamgifts.com
1 MB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 79
373 KB
2 k8player.com
k8player.com
6 KB
2 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2347
45 B
2 y8.hk
y8.hk
4 KB
1 google.nl
www.google.nl — Cisco Umbrella Rank: 10667
408 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 132
247 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3078
247 B
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 265
4 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 457
31 KB
0 3ae.jp Failed
cdn.3ae.jp Failed
40 11
Domain Requested by
21 www.getsteamgifts.com www.getsteamgifts.com
4 www.googletagmanager.com y8.hk
www.googletagmanager.com
2 k8player.com k8player.com
2 region1.google-analytics.com www.googletagmanager.com
2 y8.hk www.getsteamgifts.com
1 www.google.nl y8.hk
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdnjs.cloudflare.com www.getsteamgifts.com
1 ajax.googleapis.com www.getsteamgifts.com
1 getsteamgifts.com 1 redirects
0 cdn.3ae.jp Failed
40 12

This site contains no links.

Subject Issuer Validity Valid
getsteamgifts.com
WE1		 2024-06-17 -
2024-09-15		 3 months crt.sh
upload.video.google.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
y8.hk
GTS CA 1P5		 2024-05-24 -
2024-08-22		 3 months crt.sh
*.google-analytics.com
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-05-27 -
2024-08-19		 3 months crt.sh
*.google.nl
WR2		 2024-05-27 -
2024-08-19		 3 months crt.sh
k8player.com
Cloudflare Inc ECC CA-3		 2024-02-24 -
2024-12-31		 10 months crt.sh

This page contains 1 frames:

Primary Page: https://k8player.com/?invite=PachinkoClub&From=VIP98&modal=register&tab=account
Frame ID: 99E7757F1FE8EF6A490DE735D2D16185
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Top of world Crypto Gambling - K8

Page URL History Show full URLs

  1. https://getsteamgifts.com/ HTTP 301
    https://www.getsteamgifts.com/ Page URL
  2. https://y8.hk/to/PachinkoClubVIP98 Page URL
  3. https://k8player.com/?invite=PachinkoClub&From=VIP98&modal=register&tab=account Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

40
Requests

90 %
HTTPS

67 %
IPv6

11
Domains

12
Subdomains

10
IPs

5
Countries

1619 kB
Transfer

3031 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://getsteamgifts.com/ HTTP 301
    https://www.getsteamgifts.com/ Page URL
  2. https://y8.hk/to/PachinkoClubVIP98 Page URL
  3. https://k8player.com/?invite=PachinkoClub&From=VIP98&modal=register&tab=account Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://getsteamgifts.com/ HTTP 301
  • https://www.getsteamgifts.com/
Request Chain 20
  • https://3ae.jp/8BE0y HTTP 302
  • https://cdn.3ae.jp/wp-content/uploads/images/5.gif

40 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
www.getsteamgifts.com/
Redirect Chain
  • https://getsteamgifts.com/
  • https://www.getsteamgifts.com/
325 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d0bea226c9e30dc1cd6005a948d301014c24467c67fddfd7bdc5d21643e49f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
895b9cfabb426680-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 18 Jun 2024 13:26:49 GMT
last-modified
Tue, 18 Jun 2024 13:26:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tRRUQQ8YniErFSh1xrxVB027b53SX0x9vmkxIS2aU0rv26UXl9t0SgryQmYN26DHirOYelV%2Ffd6sKLrva1oKIWXra4Q2QGCU7OleRnVFxi3KukJ5qqoc7Df%2FWuC4HV6okaJ2yrvYesA%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding, Cookie

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=3600
cf-cache-status
DYNAMIC
cf-ray
895b9ce12d016680-AMS
content-type
text/html; charset=UTF-8
date
Tue, 18 Jun 2024 13:26:48 GMT
expires
Tue, 18 Jun 2024 14:26:48 GMT
location
https://www.getsteamgifts.com/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2VLVKHswc7xrHvVBV9w4lKswrnKiPZ0trSPNqFCadIg%2FenNS0YqUFBsnJRkE4lWoJ4GfBZec2SGL5MXCRD6nQojs5jVbQOAFTIzcNCevOQI5THsB3nReMylXavYpX4yNFcXKzw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding, Cookie
x-redirect-by
WordPress
icomoon.woff
www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/ 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/icomoon/fonts/icomoon.woff
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
607b0828676eb8a38835dead7770d1c42e12ba7725dc29f7aa653d8a4b76b2bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Origin
https://www.getsteamgifts.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Wed, 25 Oct 2023 10:59:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6538f522-412c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJgfOzj0jqPrzj0Z2gd0z12D9XKI8zyvX1hmLSV4hjd8vGNKoVJzqcd8%2Fxmnq83%2Bcx3%2FTDmL6nJfUeDATCfjRmtszzMZSFfcKSIToIUXJ%2FzLPPBDfH47R4Yigc4%2Bl1xFI1%2B5S47dmrA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
895b9cfdff706680-AMS
alt-svc
h3=":443"; ma=86400
content-length
16684
fontawesome-webfont.woff2
www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/fontawesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Origin
https://www.getsteamgifts.com
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Wed, 25 Oct 2023 10:59:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6538f522-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=z9AHJfEpl9VHBRBj5zOr8u5lEyJElzvpiMR58hNMpD25%2BmckygSNs0h1PUyCc08yXoPLKqe65dPIilkvaygCWlxHZnSnQBVrE8THy%2Br0a%2BqRVv1ZquiOw%2FeoPvoaKt75rd37zdSKURA%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
895b9cfdff746680-AMS
alt-svc
h3=":443"; ma=86400
content-length
77160
style.min.css
www.getsteamgifts.com/wp-includes/css/dist/block-library/ 		111 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-includes/css/dist/block-library/style.min.css?ver=6.5.4&fver=20240402105917
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Tue, 02 Apr 2024 22:59:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"660c8dc5-1bae5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UwIhzOsE2AYnRBjDFQ5zGkvyRuG5EQIw9vU0uCLsZ41JEwAFi93sjtiwXhsk5W9mVT6eZhpmNUZZB6wVy5AHnvRgBWX4y1xYMymzPLZSqNKJOR99J%2BwKDI5q%2B%2FbgQfx37P%2FUhBURPKQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
895b9cfdff766680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:49 GMT
lasso-lite.css
www.getsteamgifts.com/wp-content/plugins/simple-urls/admin/assets/css/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/plugins/simple-urls/admin/assets/css/lasso-lite.css?ver=1708686841&fver=20240223111401
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0785d4078e842b52a1f98b93cfa4f34b636ee001dbfa4bef89080338e34ad83a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Fri, 23 Feb 2024 11:14:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65d87df9-3831"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9AzprjKQDWkFs3H3dlAjYr65UayF7uKa5Xe%2Fgao%2BtbQgdiBWMm5C42N8srI02yHv5nY8j9JESsfbu5Y5EW4khzzPpZ%2BYhzIPzaykymFotwR4RJog0kaExRTFZm%2B3pn8fv1UG0l85j78%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
895b9cfdff776680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:49 GMT
style.css
www.getsteamgifts.com/wp-content/themes/cocoon-master/ 		230 KB
50 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/themes/cocoon-master/style.css?ver=6.5.4&fver=20231025105946
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc110abdd8eab468c3a7d774d2f2e89c3565747b532802c9d1706ef27dafb23c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 25 Oct 2023 10:59:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6538f522-39825"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lmXKRs5y8M%2BLnUpa0cGbGawDDkYFclUOzMKAj9QWGNqghZwa2u6MjqZmudXzBetiB5yFkV6FC0sQO9c7fiNaRA5FUZxya2M5VVNb5okiSjqdQFS2ImGn%2BP5TJ1iqHPPqUeQrtaB7f%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
895b9cfdff786680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:49 GMT
keyframes.css
www.getsteamgifts.com/wp-content/themes/cocoon-master/ 		292 B
599 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/themes/cocoon-master/keyframes.css?ver=6.5.4&fver=20231025105945
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Wed, 25 Oct 2023 10:59:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6538f521-124"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aJ0agyAKbr3hXoI%2Bawt9LsxUgpz5FkPlv%2BZUd9xaPAtIcqhkaVL7YGxUSONn2jfYz69sZz4GWh76SEvO8%2FmCfI6vADhupn6WFLAQvdRk6EnN6bk%2FlFYrWxDNw3HON5nwXah6aQG4zeA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
895b9cfe882c6680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:49 GMT
font-awesome.min.css
www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/ 		30 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/fontawesome/css/font-awesome.min.css?ver=6.5.4&fver=20231025105946
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 25 Oct 2023 10:59:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6538f522-792a"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iiZ3OiMEVw4NV7XBAJI75wqEQXFkOvWDoO9mI0SGDRbUGuuhj8UhFEnDeKTPksAd4LNyIu7GOFbKxFJxUko11z2zBosIW2Lt6VyBIlxD6tab0IhUE1rxXlrlZtxM0RjhRCGBzbGRtxU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
895b9cfe982f6680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:49 GMT
style.css
www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/icomoon/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/themes/cocoon-master/webfonts/icomoon/style.css?ver=6.5.4&fver=20231025105946
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4c01e0c4cb199c2d76d1d59f6c4b9006c23583a49e4d04520158fc44a080d91
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 25 Oct 2023 10:59:46 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6538f522-e6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZjU7l%2F1IZtQUV4xLdEr3XMDZyI8f1fh5DYUOeK7MhSkRJlCGf1L5H9BSx%2FxR7U7NkUcGBDigbai%2BG22jkDWDad%2F4Bs1wM73j6Yom8k8FJBiOCYPtr2ipq1OW26mDJkXrFtkOuinOGrQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
895b9cfe98326680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:49 GMT
style.css
www.getsteamgifts.com/wp-content/themes/cocoon-child-master/ 		845 B
834 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/themes/cocoon-child-master/style.css?ver=6.5.4&fver=20231005021006
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf84bb53b19b1e5310d031c599b2ac4f0311ac5cdc17bd47da8e409e72ffa49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 05 Oct 2023 02:10:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"651e1afe-34d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8DENrR4rdv27V1UsP9X2jzeleXRfk04qiLtSVfFBTe%2FWlPlI5phitO7UzPGcTY4hKo3K5AjBFHkJRHYqDwwMEZxSMIWtRxQAR39ItArCYsWj0pSXGi9VLkQ8Hx14WHVsMuDO8PG5h8c%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
895b9cfe98346680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:49 GMT
keyframes.css
www.getsteamgifts.com/wp-content/themes/cocoon-child-master/ 		130 B
611 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/themes/cocoon-child-master/keyframes.css?ver=6.5.4&fver=20231005021006
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Thu, 05 Oct 2023 02:10:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"651e1afe-82"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bx%2BpdybkyPuSyvZSFD84enJWDSppF8oKxEGT5mQBW3mll6qqIqb81RnSK0vMGh7l0GyVjtsviEuED%2FgZ7EuBdYrO9y8YnI76FSjsLYI57cUHb98VG8bNbsDPjopsWX2uaTuQwBCE11A%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=43200
cf-ray
895b9cfe98386680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:49 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js?ver=3.6.1
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 13 Jun 2024 13:12:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
432847
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 13 Jun 2025 13:12:42 GMT
jquery-migrate.min.js
cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery-migrate/3.3.2/jquery-migrate.min.js?ver=3.0.1
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2314611
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3718
last-modified
Wed, 18 Nov 2020 00:51:42 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fb4701e-2c03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5HU7wm5RO%2F%2FZ%2Fm9m%2F7XQHGCWWOVieEg%2BfHMOkhHlPD7R3gyq26qHfi08RjcdKMqSjoph91wUEYQTI24AJBa3NFRODTrqu7G0b%2B0MLXW4B0%2FBU75aeqCtDWCi8Bj4XOEwqR6CBd%2Fa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
895b9cfeb9599f93-AMS
expires
Sun, 08 Jun 2025 13:26:49 GMT
amp.js
www.getsteamgifts.com/wp-includes/js/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-includes/js/amp.js
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79f4a36bb206829fdf0da05bad824ee6c6343138bd2e637c550dc825eca4149b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Sat, 25 May 2024 10:48:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6651c201-17ed"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i5tlH5kisKa%2B%2BFy5KCVXqQF0MKhZGhowPDH71FbJ9Hn3n4PLs6NZE%2FHnXfJxTEJofCECUBa4zHDxUY4XJKznnilUfeykcbVoJE0n2J1FSDUJzCsWMJQIUg3msYhddC7tZJFFvVS0U1g%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
895b9cfe983d6680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:49 GMT
20190417210330-320x180.jpg
www.getsteamgifts.com/wp-content/uploads/2024/04/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getsteamgifts.com/wp-content/uploads/2024/04/20190417210330-320x180.jpg
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
027581da9775f4fdd5fbcbf4103fc933c6cff0d721ad9702ffdaa3a545292d1f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
281841
alt-svc
h3=":443"; ma=86400
content-length
22596
last-modified
Thu, 11 Apr 2024 08:47:48 GMT
server
cloudflare
etag
"6617a3b4-5844"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=atiGBTqF3S4ZKmzW6sV50u0mdEZ6w9LWB4mtTukIDq0DvsXSQgacY5dQT%2BPozi9mSzC4W%2B7Mcv%2Bm8jdoU6rAFUKzZTstm6B6H1n%2Fmp8DS3obGeTMZX75bLVqj%2BaxEFHz2v3wfBTgnlE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
895b9cfe983e6680-AMS
expires
Mon, 15 Jul 2024 07:09:28 GMT
57ee4f78-a3ac-469b-8c2c-5703ac1f02cb-320x180.jpg
www.getsteamgifts.com/wp-content/uploads/2024/04/ 		18 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getsteamgifts.com/wp-content/uploads/2024/04/57ee4f78-a3ac-469b-8c2c-5703ac1f02cb-320x180.jpg
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f30e0072bf05696ec39e9a834d5addd8d8bd27018f17e714adbb860b651be4a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
281841
alt-svc
h3=":443"; ma=86400
content-length
18850
last-modified
Thu, 11 Apr 2024 08:01:29 GMT
server
cloudflare
etag
"661798d9-49a2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eLTn6zAZoWjsDL3gfvaGcY5VpIaHtzd7UDS1GdlwSyfkuDBeEuJDSbW6OwOYNF1NncFdScBjwXMLNgA8u4wmKGdIlp%2BYxD9UGWDO6jeHAyDfXsMb9hcBsY8IndR2XcsSswc9TQsNzyI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
895b9cfea84c6680-AMS
expires
Mon, 15 Jul 2024 07:09:28 GMT
R.523a4219185d7d25681aceb06798b3dbrikVuUm1s6e1wbzHQampriuhttp3a2f2fmachine.p-world.co_.jp2fimage2f89612f65-320x180.jpg
www.getsteamgifts.com/wp-content/uploads/2024/04/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getsteamgifts.com/wp-content/uploads/2024/04/R.523a4219185d7d25681aceb06798b3dbrikVuUm1s6e1wbzHQampriuhttp3a2f2fmachine.p-world.co_.jp2fimage2f89612f65-320x180.jpg
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1bcd4b21679dcf808c706a9b98f004307669c83e6966c20c113b431e944d8a5a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
281841
alt-svc
h3=":443"; ma=86400
content-length
22675
last-modified
Thu, 11 Apr 2024 07:09:23 GMT
server
cloudflare
etag
"66178ca3-5893"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BLQHqgPK3ZTRF3RO6goEBd%2BN81BONtyZpRU%2BUXMIDbZMHV%2F09BmE%2FeA2edlN6ipY5I6Z7I28VJTlvwicSzqAR%2BQtYvUNaphJMvPYlUP8gFuiBQrWE3BFeTsI4KRVZUnPjRqFzSnOrc%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
895b9cfea84e6680-AMS
expires
Mon, 15 Jul 2024 07:09:28 GMT
PC_Pachinko.gif
www.getsteamgifts.com/wp-content/uploads/yahoo/ 		871 KB
871 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getsteamgifts.com/wp-content/uploads/yahoo/PC_Pachinko.gif
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
097d52e82c36b61044acf36ba375bfb8080566fb23116a0bc164bbd7cd21d0f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
281840
alt-svc
h3=":443"; ma=86400
content-length
891553
last-modified
Mon, 09 Oct 2023 09:13:58 GMT
server
cloudflare
etag
"6523c456-d9aa1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fjlw2QvglZIAOGARGAla%2F%2FF%2B4gIoZsoQiJBFtqmxZ%2F347kNLvVHejptgzNzysymCTw2F6kJYgt6ZSMbjvp0q12%2BLXdmH2EMqTgOqaqf7T348joWbo7DJfXjpEf7RgTPJAFb%2BnDIrLWA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
895b9cfee8806680-AMS
expires
Mon, 15 Jul 2024 07:09:29 GMT
new-casino-no-deposit-bonus.png
www.getsteamgifts.com/wp-content/uploads/yahoo/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getsteamgifts.com/wp-content/uploads/yahoo/new-casino-no-deposit-bonus.png
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2677bcef497ae0f5e34268571649268dc8b584d1408326f2247bab5c3d780e46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
281840
alt-svc
h3=":443"; ma=86400
content-length
13512
last-modified
Mon, 09 Oct 2023 09:42:30 GMT
server
cloudflare
etag
"6523cb06-34c8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M9W8XakGhp2giZSEWdGK2IrGmiheo5rwwOxcFQoutIDtxBGlDpsxmaNydj73ZxGeMMogAfbz9NrPbLThyLnVLxw4VwSb28QevrcpA6Y6xKyncHsplghZDAsu5mn4F9K2WFCGGrUVXLs%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
895b9cfee8846680-AMS
expires
Mon, 15 Jul 2024 07:09:29 GMT
japan.webp
www.getsteamgifts.com/wp-content/uploads/yahoo/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.getsteamgifts.com/wp-content/uploads/yahoo/japan.webp
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:50 GMT
strict-transport-security
max-age=31536000
cf-cache-status
REVALIDATED
last-modified
Mon, 09 Oct 2023 09:13:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6523c44f-6fec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BTVGNf7s6CAWKjsCaY9cYX1U6MavuMI29VhuzGNZkrfeJjR1hQ0wp2Xrnvo%2FeDPlqOwvcpedjibUUqjzR9sWiK4nJ%2BFR6kIIjoI1dsJiATMj4KOZ9HXbKy37WKZsnvv1owR1CB0PlPA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
895b9d01ec266680-AMS
alt-svc
h3=":443"; ma=86400
content-length
28652
5.gif
cdn.3ae.jp/wp-content/uploads/images/
Redirect Chain
  • https://3ae.jp/8BE0y
  • https://cdn.3ae.jp/wp-content/uploads/images/5.gif
0
0
stickyfill.min.js
www.getsteamgifts.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/themes/cocoon-master/plugins/stickyfill/dist/stickyfill.min.js?ver=6.5.4&fver=20231025105945
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 25 Oct 2023 10:59:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6538f521-17fb"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0ldw3Fc%2B4Qte%2B6%2Fmld%2FY9vXq6AxsJC4MWsaKgt6dT04jpsHo5Il2VB5PF5Criwuq9p61yj%2BsFN4wMi4BOrVuKHGUH2WT%2FUOTUD0P9cPbNLCT3VqcPzIYNGy1pyg9YCxGV66HnSG3WEI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
895b9cff79916680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:49 GMT
javascript.js
www.getsteamgifts.com/wp-content/themes/cocoon-master/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/themes/cocoon-master/javascript.js?ver=6.5.4&fver=20231025105945
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:49 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
cf-cache-status
REVALIDATED
last-modified
Wed, 25 Oct 2023 10:59:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6538f521-1e2e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tbfC5J3SNmYm%2BSciguVkvmDZSH1g83a0eiqmbIMys8WvtJ6T7ZmkcZtyO5bpXa7iY55TCzv4%2FeSctBdzMEVhqE1lhe%2B6Q8ZoIzrJqP8dYVDMGbSmwIal9btGaS600P8npY0B5%2B3XOb8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
895b9cff89a56680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:49 GMT
javascript.js
www.getsteamgifts.com/wp-content/themes/cocoon-child-master/ 		299 B
675 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.getsteamgifts.com/wp-content/themes/cocoon-child-master/javascript.js?ver=6.5.4&fver=20240525104833
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://www.getsteamgifts.com/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:50 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Sat, 25 May 2024 10:48:33 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"6651c201-12b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rmZYWygdxdifh4W%2B2OeY45Zv%2BMhpsaBAIVDstcRKeqR5qoEw7NYIz6MMQYsq2H%2BKoGfWkjOBHbgziAK%2FLf2CvBZ3VTsN%2Bn86GFVk6SbfCSvJoa570VZpkYv4fjFXO034qOTakuH1%2F7w%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=43200
cf-ray
895b9d01ec256680-AMS
alt-svc
h3=":443"; ma=86400
expires
Wed, 19 Jun 2024 01:26:50 GMT
PachinkoClubVIP98
y8.hk/to/ 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://y8.hk/to/PachinkoClubVIP98
Requested by
Host: www.getsteamgifts.com
URL: https://www.getsteamgifts.com/wp-includes/js/amp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbbac4327dc8426292f5946b30a95548cb984e80884b99697f64a735fec5da20
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://www.getsteamgifts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
895b9d045fbb0a4c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 18 Jun 2024 13:26:50 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p1y1fLIiZ689NtzYVLOmC0%2BNP5G8JAcgaGJZeF0xeR%2F7MCfjmUQ307id7jc57fB4t8ftI801jFCtm2nIw0eHSRhI4wgh4e0K4jBTSJf1kCh9I6UeGh44bg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
gtm.js
www.googletagmanager.com/ 		190 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K68WZQPD
Requested by
Host: y8.hk
URL: https://y8.hk/to/PachinkoClubVIP98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
66654163dfd3de9366ee59e88727b6eb70bd5dea51513d57a80b526b802625f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://y8.hk/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69424
x-xss-protection
0
last-modified
Tue, 18 Jun 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 18 Jun 2024 13:26:51 GMT
js
www.googletagmanager.com/gtag/ 		311 KB
102 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1H15LYCZD5&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K68WZQPD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e50f7f7e54d59f92b71e2852d5157570f4a2623bf1292fc441fc39d6e6df7102
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://y8.hk/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
104680
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jun 2024 13:26:51 GMT
js
www.googletagmanager.com/gtag/ 		305 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-1WCEWDV1PX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K68WZQPD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
62b5eda9458777d7e09f843ea8c70f8905ce09a15428c5766ea3a3bef6cb4a39
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://y8.hk/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103727
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jun 2024 13:26:51 GMT
js
www.googletagmanager.com/gtag/ 		304 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-LNL1K9PGNV&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K68WZQPD
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e7596c5a6099fffaf873198a59ba215da810d697c290a768315adc9d1ae63e43
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://y8.hk/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
103662
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 18 Jun 2024 13:26:51 GMT
collect
region1.analytics.google.com/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-1H15LYCZD5&gtm=45je46c0v9186032721z89186025210za200zb9186025210&_p=1718717210917&_gaz=1&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=420595073.1718717211&ecid=277862322&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1718717211&sct=1&seg=0&dl=https%3A%2F%2Fy8.hk%2Fto%2FPachinkoClubVIP98&dr=https%3A%2F%2Fwww.getsteamgifts.com%2F&dt=%E3%80%90Y8.hk%E3%80%91LOADING...&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1473&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1H15LYCZD5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://y8.hk/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 13:26:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://y8.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-1H15LYCZD5&cid=420595073.1718717211&gtm=45je46c0v9186032721z89186025210za200zb9186025210&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1H15LYCZD5&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://y8.hk/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 13:26:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://y8.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.nl/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.nl/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-1H15LYCZD5&cid=420595073.1718717211&gtm=45je46c0v9186032721z89186025210za200zb9186025210&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l2l1&npa=1&frm=0&z=744497739
Requested by
Host: y8.hk
URL: https://y8.hk/to/PachinkoClubVIP98
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://y8.hk/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 13:26:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
45 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-1WCEWDV1PX&gtm=45je46c0v9186381745z89186025210za200zb9186025210&_p=1718717210917&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=420595073.1718717211&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718717211&sct=1&seg=0&dl=https%3A%2F%2Fy8.hk%2Fto%2FPachinkoClubVIP98&dr=https%3A%2F%2Fwww.getsteamgifts.com%2F&dt=%E3%80%90Y8.hk%E3%80%91LOADING...&en=page_view&_fv=1&_ss=1&tfd=1512&_z=sendBeacon
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-1WCEWDV1PX&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://y8.hk/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 13:26:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://y8.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-LNL1K9PGNV&gtm=45je46c0v9187592084z89186025210za200zb9186025210&_p=1718717210917&gcd=13l3l3l2l1&npa=1&dma_cps=sypham&dma=1&tag_exp=0&cid=420595073.1718717211&ul=nl-nl&sr=1600x1200&uaa=x86&uab=64&uafvl=Not%252FA)Brand%3B8.0.0.0%7CChromium%3B126.0.6478.61%7CGoogle%2520Chrome%3B126.0.6478.61&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1718717211&sct=1&seg=0&dl=https%3A%2F%2Fy8.hk%2Fto%2FPachinkoClubVIP98&dr=https%3A%2F%2Fwww.getsteamgifts.com%2F&dt=%E3%80%90Y8.hk%E3%80%91LOADING...&en=page_view&_fv=1&_ss=1&tfd=1540&_z=fetch
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LNL1K9PGNV&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://y8.hk/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Tue, 18 Jun 2024 13:26:51 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://y8.hk
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
y8.hk/ 		4 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://y8.hk/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.178.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36f91b82b310a79be4547d314f64ea8c06f4bb4e072f9791120e58a8ea26e066
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://y8.hk/to/PachinkoClubVIP98
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:51 GMT
strict-transport-security
max-age=31536000
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 28 May 2024 02:03:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
4870
etag
W/"66553b64-10be"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Z5dnY8DPOors64Pw%2F%2BFRCGLCPxIMtpmyXSLaoTkMWbJNheT3XGiccdFpnEBwiHLAa5G2GUYsmVKP4vBQQKyCNNy03SbxdwyvVGLvZDB3WPsvg4e0wplfRg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/x-icon
cache-control
max-age=14400
cf-ray
895b9d0b48920a4c-AMS
alt-svc
h3=":443"; ma=86400
Primary Request /
k8player.com/ 		15 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://k8player.com/?invite=PachinkoClub&From=VIP98&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::ac40:91cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d219d9501b14f77c5bd2e7feca6cb9493a278bf93ef89621b0209ad12365cb31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://y8.hk/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
895b9d1a1bd166e7-AMS
content-encoding
br
content-type
text/html
date
Tue, 18 Jun 2024 13:26:54 GMT
last-modified
Fri, 14 Jun 2024 01:53:47 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
ON
loading-logo.png
k8player.com/img/ 		0
0
yunwei.js
k8player.com/saconfig/secure/ 		692 B
628 B 		Script
General
Check archive.org
Download Go to
Full URL
https://k8player.com/saconfig/secure/yunwei.js?5729058
Requested by
Host: k8player.com
URL: https://k8player.com/?invite=PachinkoClub&From=VIP98&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::ac40:91cf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82590aaf8b2c1c4b803d743bc550f06e3bc47305c72a8ee4169ab283a76703d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://k8player.com/?invite=PachinkoClub&From=VIP98&modal=register&tab=account
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 18 Jun 2024 13:26:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Fri, 14 Jun 2024 02:39:08 GMT
server
cloudflare
etag
W/"666bad4c-2b4"
x-frame-options
ON
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cf-ray
895b9d1c0e2e66e7-AMS
access-control-allow-headers
*
loading-animation.png
k8player.com/img/ 		0
0
3s_web_detect.js
k8player.com/cdn/34dtfrFM/static/saconfig/secure/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.3ae.jp
URL
https://cdn.3ae.jp/wp-content/uploads/images/5.gif
Domain
k8player.com
URL
https://k8player.com/img/loading-logo.png?v=20240404
Domain
k8player.com
URL
https://k8player.com/img/loading-animation.png?v=20220516
Domain
k8player.com
URL
https://k8player.com/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=e9527c&module=frontend_web&v=20240422

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| yunweiConfig function| cdnPing function| createTags function| createdCss function| createdJs function| createdJsCall function| removeDom string| cdn

5 Cookies

Domain/Path Name / Value
.y8.hk/ Name: _ga
Value: GA1.1.420595073.1718717211
.k8player.com/ Name: __cf_bm
Value: yzuHyXWcDs24tPzTBS23aEAyb88sCs8.ygi_ZALT1Ts-1718717214-1.0.1.1-hnPS0swHm0i30IihxbpoirourlhwitOjGJNgeffNLf0wliGeH5DXxxwRdlpKX2iUmrUZ_YGci97CA8orxy7o9A
.y8.hk/ Name: _ga_1H15LYCZD5
Value: GS1.1.1718717211.1.0.1718717214.57.0.277862322
.y8.hk/ Name: _ga_1WCEWDV1PX
Value: GS1.1.1718717211.1.0.1718717214.0.0.0
.y8.hk/ Name: _ga_LNL1K9PGNV
Value: GS1.1.1718717211.1.0.1718717214.0.0.0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.3ae.jp
cdnjs.cloudflare.com
getsteamgifts.com
k8player.com
region1.analytics.google.com
region1.google-analytics.com
stats.g.doubleclick.net
www.getsteamgifts.com
www.google.nl
www.googletagmanager.com
y8.hk
cdn.3ae.jp
k8player.com
104.17.24.14
172.67.178.66
188.114.97.3
2001:4860:4802:34::36
2606:4700:4400::ac40:91cf
2a00:1450:4001:80f::2003
2a00:1450:4001:827::200a
2a00:1450:4001:829::2008
2a00:1450:400c:c0a::9a
027581da9775f4fdd5fbcbf4103fc933c6cff0d721ad9702ffdaa3a545292d1f
0785d4078e842b52a1f98b93cfa4f34b636ee001dbfa4bef89080338e34ad83a
097d52e82c36b61044acf36ba375bfb8080566fb23116a0bc164bbd7cd21d0f2
106fcd8d723eda7d92a26893a439ccef998e5fc68ad228253607143d801e8cd8
1bcd4b21679dcf808c706a9b98f004307669c83e6966c20c113b431e944d8a5a
2677bcef497ae0f5e34268571649268dc8b584d1408326f2247bab5c3d780e46
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0bea226c9e30dc1cd6005a948d301014c24467c67fddfd7bdc5d21643e49f5
36f91b82b310a79be4547d314f64ea8c06f4bb4e072f9791120e58a8ea26e066
607b0828676eb8a38835dead7770d1c42e12ba7725dc29f7aa653d8a4b76b2bf
62b5eda9458777d7e09f843ea8c70f8905ce09a15428c5766ea3a3bef6cb4a39
66654163dfd3de9366ee59e88727b6eb70bd5dea51513d57a80b526b802625f1
6bdc2bf2db4744a741fc90761e27b7cb360ecabd9a3edfd586defc9eb95717df
6f14101998fff51d94efe7f1946d812be542fc3f97b7306ddc116eaeca8fcf7f
79f4a36bb206829fdf0da05bad824ee6c6343138bd2e637c550dc825eca4149b
98cecf88a23542fa047ce46eedb650b5c5128761ed4386c0977b847094ddfa20
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
bbbac4327dc8426292f5946b30a95548cb984e80884b99697f64a735fec5da20
bc110abdd8eab468c3a7d774d2f2e89c3565747b532802c9d1706ef27dafb23c
ccf84bb53b19b1e5310d031c599b2ac4f0311ac5cdc17bd47da8e409e72ffa49
d04b1faa2da8b85f4f650a0ed3645bb5aee8b8faa5ce054de1115b315059ad68
d219d9501b14f77c5bd2e7feca6cb9493a278bf93ef89621b0209ad12365cb31
d82590aaf8b2c1c4b803d743bc550f06e3bc47305c72a8ee4169ab283a76703d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e50f7f7e54d59f92b71e2852d5157570f4a2623bf1292fc441fc39d6e6df7102
e7596c5a6099fffaf873198a59ba215da810d697c290a768315adc9d1ae63e43
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f30e0072bf05696ec39e9a834d5addd8d8bd27018f17e714adbb860b651be4a2
f4c01e0c4cb199c2d76d1d59f6c4b9006c23583a49e4d04520158fc44a080d91