Submitted URL: https://peradi.id/mawartoto.slot
Effective URL: https://gamesttb.club/?ref=adminmaxwin
Submission Tags: @phish_report
Submission: On June 12 via api from FI — Scanned from SG

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 33 HTTP transactions. The main IP is 185.148.104.5, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is gamesttb.club.
TLS certificate: Issued by E1 on March 23rd 2024. Valid for: 3 months.
This is the only time gamesttb.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Redirects | Requests | IP Address | AS Autonomous System
 | 1 | 45.130.230.119 | 47583 (AS-HOSTINGER)
 | 6 | 74.125.130.132 | 15169 (GOOGLE)
 | 3 | 74.125.130.95 | 15169 (GOOGLE)
 | 2 | 172.67.203.83 | 13335 (CLOUDFLAR...)
 | 4 | 64.233.170.94 | 15169 (GOOGLE)
 | 2 | 104.18.3.35 | 13335 (CLOUDFLAR...)
 | 1 | 172.67.182.10 | 13335 (CLOUDFLAR...)
 | 2 | 76.76.21.98 | 16509 (AMAZON-02)
1 | 5 | 185.148.104.5 | 209242 (CLOUDFLAR...)
 | 8 | 185.148.104.39 | 209242 (CLOUDFLAR...)
Total: 33 requests, 10 IPs

Requests | Apex Domain | Subdomains | Transfer
8 | api-oplbo.com | oxplay.api-oplbo.com — Cisco Umbrella Rank: 131227 | 11 KB
6 | ampproject.org | cdn.ampproject.org — Cisco Umbrella Rank: 472 | 161 KB
5 | gamesttb.club | gamesttb.club | 6 KB
4 | gstatic.com | fonts.gstatic.com | 105 KB
3 | googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 77 | 3 KB
2 | svgrepo.com | www.svgrepo.com — Cisco Umbrella Rank: 146628 | 6 KB
2 | r2.dev | pub-b3add181191545d98e21847c353e8324.r2.dev | 708 KB
2 | itadoriyuji.xyz | itadoriyuji.xyz | 311 KB
1 | yeshuv.site | yeshuv.site | 3 KB
1 | peradi.id | peradi.id | 3 KB
Total: 33 requests, 10 domains

Requests | Domain | Requested by
8 | oxplay.api-oplbo.com | gamesttb.club
6 | cdn.ampproject.org | peradi.id, cdn.ampproject.org, yeshuv.site
5 | gamesttb.club (1 redirects) | gamesttb.club
4 | fonts.gstatic.com | fonts.googleapis.com
3 | fonts.googleapis.com | peradi.id, yeshuv.site, gamesttb.club
2 | www.svgrepo.com |
2 | pub-b3add181191545d98e21847c353e8324.r2.dev | peradi.id, yeshuv.site
2 | itadoriyuji.xyz | peradi.id, yeshuv.site
1 | yeshuv.site |
1 | peradi.id |
Total: 33 requests, 10 domains

This site contains no links.

Subject | Issuer | Validity | Valid
peradi.id | R3 | 2024-04-25 - 2024-07-24 | 3 months
misc-sni.google.com | GTS CA 1C3 | 2024-05-21 - 2024-08-13 | 3 months
upload.video.google.com | GTS CA 1C3 | 2024-05-21 - 2024-08-13 | 3 months
itadoriyuji.xyz | E1 | 2024-06-04 - 2024-09-02 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-05-21 - 2024-08-13 | 3 months
*.r2.dev | E1 | 2024-06-03 - 2024-09-01 | 3 months
yeshuv.site | GTS CA 1P5 | 2024-06-02 - 2024-08-31 | 3 months
www.svgrepo.com | R3 | 2024-04-26 - 2024-07-25 | 3 months
gamesttb.club | E1 | 2024-03-23 - 2024-06-21 | 3 months
api-oplbo.com | GTS CA 1P5 | 2024-04-17 - 2024-07-16 | 3 months

This page contains 2 frames:

Primary Page: https://gamesttb.club/?ref=adminmaxwin
Frame ID: 945348EF579A9D548F6FC7DED04171DC
Requests: 31 HTTP requests in this frame

Frame: https://gamesttb.club/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: 63C8AC3ACD2E2EB7C5873DC13C5CF063
Requests: 2 HTTP requests in this frame

Page Title

Access Forbidden

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js

Page Statistics

Requests: 33
HTTPS: 97 %
IPv6: 0 %
Domains: 10
Subdomains: 10
IPs: 10
Countries: 3
Transfer: 1316 kB
Size: 1788 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://peradi.id/mawartoto.slot Page URL
  2. https://yeshuv.site/jumpkiw/ Page URL
  3. https://gamesttb.club/?ref=adminmaxwin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29
  • https://gamesttb.club/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://gamesttb.club/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

33 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
mawartoto.slot
peradi.id/
7 KB
3 KB
Document
General
Full URL
https://peradi.id/mawartoto.slot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
45.130.230.119 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
srv95.niagahoster.com
Software
LiteSpeed / Niagahoster
Resource Hash
d8f1fa42206e8a95fdd775e992cd098cb433cf8d0520beec34334eaf1162ec9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding
br
content-length
2592
content-type
text/html; charset=UTF-8
date
Wed, 12 Jun 2024 07:35:50 GMT
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding,User-Agent
x-content-type-options
nosniff
x-powered-by
Niagahoster
x-xss-protection
1; mode=block
v0.js
cdn.ampproject.org/
278 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: peradi.id
URL: https://peradi.id/mawartoto.slot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
9d5e2003f798252335c0faf032c62d6cb9b2c6ef4756e301b868398a8346b236
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://peradi.id/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 12 Jun 2024 07:35:51 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73073
x-xss-protection
0
server
sffe
etag
"a97eff4b207291bf"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 12 Jun 2024 07:35:51 GMT
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Requested by
Host: peradi.id
URL: https://peradi.id/mawartoto.slot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://peradi.id/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 07:35:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 07:25:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jun 2024 07:35:51 GMT
laku.gif
itadoriyuji.xyz/img/
155 KB
156 KB
Image
General
Full URL
https://itadoriyuji.xyz/img/laku.gif
Requested by
Host: peradi.id
URL: https://peradi.id/mawartoto.slot
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.203.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2061ea57c0d44ac3b8c1321e9438d644323d5d30759764cbd030bac6488fcf7e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://peradi.id/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:51 GMT
cf-cache-status
HIT
last-modified
Sat, 06 Apr 2024 13:55:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
398
etag
"26bda-6156deba5d470"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RSbMrLe7DHauKf49JJG1X5XYNNwUesBplfDJ9sIaJoE38LGKr9Y8dmwT80306Gdk4liOO0NZZCTgZhTtQl4ljH8k9eOXAuJvLKZhqPbYF2qmth%2BscWl%2BzuymXyPV0We8XMY%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89282aa41a7401bc-SIN
alt-svc
h3=":443"; ma=86400
content-length
158682
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/
38 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
sffe /
Resource Hash
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://peradi.id
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 14:30:29 GMT
x-content-type-options
nosniff
age
320722
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39412
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 22:43:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Jun 2025 14:30:29 GMT
zeusgacor.jpeg
pub-b3add181191545d98e21847c353e8324.r2.dev/
354 KB
354 KB
Image
General
Full URL
https://pub-b3add181191545d98e21847c353e8324.r2.dev/zeusgacor.jpeg
Requested by
Host: peradi.id
URL: https://peradi.id/mawartoto.slot
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
363c973b580f840a7ce8acfd85537306c600977652185a6b6de74a78ec326674

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://peradi.id/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:35:51 GMT
Last-Modified
Tue, 14 May 2024 05:19:54 GMT
Server
cloudflare
ETag
"4a19cedec7ca6a80ae18e76439c30b9b"
Vary
Accept-Encoding
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
89282aa43d155cd5-SIN
Content-Length
362227
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012405300626000/v0/
8 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405300626000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
74b2ab7f9b09d5a6f6ccd6e5f03f360b33f0f1f143f531b2b359a52954c8ee75
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://peradi.id/
Origin
https://peradi.id
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jun 2024 17:31:12 GMT
age
50679
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"d78510ac2b65c95f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Jun 2025 17:31:12 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012405300626000/v0/
12 KB
4 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405300626000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
c0c64baec3fdd695a191ae75c458d5f69b826e2279ca9f350cd5bbe1974c534a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://peradi.id/
Origin
https://peradi.id
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jun 2024 17:31:17 GMT
age
50674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3938
x-xss-protection
0
server
sffe
etag
"d6baacf2ffc164c5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Jun 2025 17:31:17 GMT
/
yeshuv.site/jumpkiw/
7 KB
3 KB
Document
General
Full URL
https://yeshuv.site/jumpkiw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.182.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a57cc348ddb662895a3ce6ab7beda296463adbcf148d3ba124a1070d0a8ddacd

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://peradi.id/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89282aa8897c19ac-SIN
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 12 Jun 2024 07:35:52 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDq0uUZDBnEf20lJix0bl%2BVZybVSaW9lX6skwWhpBMEK9Uz8k0jItrysYmxylWKCUAcPFuXwiH3djRE9KeUVm1mmILX9qTDWkuPKYxOFzsO49ZFM06tUaq2YmIftIg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-turbo-charged-by
LiteSpeed
slots.svg
www.svgrepo.com/show/439322/
9 KB
3 KB
Other
General
Full URL
https://www.svgrepo.com/show/439322/slots.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://peradi.id/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:52 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 09 Jan 2023 01:01:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
Vercel
x-vercel-id
sin1::854pg-1718177752045-b28506696b44
etag
W/"63bb6786-2319"
strict-transport-security
max-age=63072000
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FZfMBESILJCfeJIWHF5S0CkCEzlXh3HHPEU5gaTGLYSum7RBw%2FG1MbqCt4r%2F5rwOADV4QTmS%2FawfCBypGS9VtTlJIennug1wQ0MvJHgh3Z4gVuZBTdjY%2FLwgpdtJH494O0g%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
89282aa65c404d63-SIN
expires
Fri, 12 Jul 2024 07:35:52 GMT
v0.js
cdn.ampproject.org/
278 KB
72 KB
Script
General
Full URL
https://cdn.ampproject.org/v0.js
Requested by
Host: yeshuv.site
URL: https://yeshuv.site/jumpkiw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
9d5e2003f798252335c0faf032c62d6cb9b2c6ef4756e301b868398a8346b236
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yeshuv.site/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
date
Wed, 12 Jun 2024 07:35:52 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73073
x-xss-protection
0
server
sffe
etag
"a97eff4b207291bf"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3000, stale-while-revalidate=1206600
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 12 Jun 2024 07:35:52 GMT
css2
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Requested by
Host: yeshuv.site
URL: https://yeshuv.site/jumpkiw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yeshuv.site/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 07:35:52 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 07:21:58 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jun 2024 07:35:52 GMT
laku.gif
itadoriyuji.xyz/img/
155 KB
156 KB
Image
General
Full URL
https://itadoriyuji.xyz/img/laku.gif
Requested by
Host: yeshuv.site
URL: https://yeshuv.site/jumpkiw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.203.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2061ea57c0d44ac3b8c1321e9438d644323d5d30759764cbd030bac6488fcf7e

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yeshuv.site/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:53 GMT
cf-cache-status
HIT
last-modified
Sat, 06 Apr 2024 13:55:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3537
etag
"26bda-6156deba5d470"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TGrra5OwHNkJihHDqkQ1%2Bpz7Q1vBRv%2FWVlKscU2O8%2BuOxecodNvihUrfZFP%2F6JQmX0ZbXZix4sjbUeP3w0op7FA48MB2CNW8eDFIRWO%2BOPf5nHwSlMBkFFOqxrdZK4dYv2k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89282aad6fc09f98-SIN
alt-svc
h3=":443"; ma=86400
content-length
158682
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/
38 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
sffe /
Resource Hash
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://yeshuv.site
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 14:30:29 GMT
x-content-type-options
nosniff
age
320724
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
39412
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 22:43:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Jun 2025 14:30:29 GMT
zeusgacor.jpeg
pub-b3add181191545d98e21847c353e8324.r2.dev/
354 KB
354 KB
Image
General
Full URL
https://pub-b3add181191545d98e21847c353e8324.r2.dev/zeusgacor.jpeg
Requested by
Host: yeshuv.site
URL: https://yeshuv.site/jumpkiw/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
104.18.3.35 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
363c973b580f840a7ce8acfd85537306c600977652185a6b6de74a78ec326674

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yeshuv.site/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 12 Jun 2024 07:35:53 GMT
Last-Modified
Tue, 14 May 2024 05:19:54 GMT
Server
cloudflare
ETag
"4a19cedec7ca6a80ae18e76439c30b9b"
Vary
Accept-Encoding
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
89282aae0f5b9c51-SIN
Content-Length
362227
amp-auto-lightbox-0.1.js
cdn.ampproject.org/rtv/012405300626000/v0/
8 KB
3 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405300626000/v0/amp-auto-lightbox-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
74b2ab7f9b09d5a6f6ccd6e5f03f360b33f0f1f143f531b2b359a52954c8ee75
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yeshuv.site/
Origin
https://yeshuv.site
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jun 2024 17:31:12 GMT
age
50681
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2974
x-xss-protection
0
server
sffe
etag
"d78510ac2b65c95f"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Jun 2025 17:31:12 GMT
amp-loader-0.1.js
cdn.ampproject.org/rtv/012405300626000/v0/
12 KB
5 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/012405300626000/v0/amp-loader-0.1.js
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.132 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f132.1e100.net
Software
sffe /
Resource Hash
c0c64baec3fdd695a191ae75c458d5f69b826e2279ca9f350cd5bbe1974c534a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yeshuv.site/
Origin
https://yeshuv.site
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 11 Jun 2024 17:31:17 GMT
age
50676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3938
x-xss-protection
0
server
sffe
etag
"d6baacf2ffc164c5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 11 Jun 2025 17:31:17 GMT
Primary Request /
gamesttb.club/
2 KB
1013 B
Document
General
Full URL
https://gamesttb.club/?ref=adminmaxwin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.104.5 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e27e7f2280372eb122844901acaed34774ff83200d693ed588db12074e82951e

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
https://yeshuv.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-ray
89282ab229148983-SIN
content-encoding
br
content-type
text/html
date
Wed, 12 Jun 2024 07:35:53 GMT
server
cloudflare
vary
Accept-Encoding
slots.svg
www.svgrepo.com/show/439322/
9 KB
3 KB
Other
General
Full URL
https://www.svgrepo.com/show/439322/slots.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.76.21.98 Walnut, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Vercel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://yeshuv.site/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:53 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Mon, 09 Jan 2023 01:01:58 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
Vercel
x-vercel-id
sin1::hd2kj-1718177753631-409f26408fad
etag
W/"63bb6786-2319"
strict-transport-security
max-age=63072000
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oh0xoPUKDo8cvSjW1r4ciZXh74X4Tsg6TITExdWKFtGZSTpR2KjQ7xXqOhjpSbtn4qOiKbCXFuYsBI4qWo3e0%2FK6C%2FU4%2FVhs%2BovX5DERkI2e1JahHiij5HpwNc4U0upA2w4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=31536000
cf-ray
89282ab048cd4cbf-SIN
expires
Fri, 12 Jul 2024 07:35:53 GMT
css2
fonts.googleapis.com/
2 KB
851 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Poppins&family=Sen:wght@400..800&display=swap
Requested by
Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.130.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f95.1e100.net
Software
ESF /
Resource Hash
8808f4ae7cee7f4e9ad630b5ad3d88853430a1231c67248ca571421ce7aa9056
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamesttb.club/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Wed, 12 Jun 2024 07:35:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 12 Jun 2024 07:35:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 12 Jun 2024 07:35:54 GMT
index.css
oxplay.api-oplbo.com/deny/
438 B
741 B
Stylesheet
General
Full URL
https://oxplay.api-oplbo.com/deny/index.css
Requested by
Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9f44f99438c74db36bd7910cbd4ac499b69b644e9a202e7380ee1a2a21c7915
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamesttb.club/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:54 GMT
strict-transport-security
max-age=315360000
content-encoding
br
cf-cache-status
HIT
age
5525
cf-polished
origSize=579
last-modified
Mon, 08 Apr 2024 14:43:31 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
89282ab30e5c48d6-SIN
access-control-allow-headers
*
expires
Wed, 12 Jun 2024 08:05:54 GMT
index.js
oxplay.api-oplbo.com/deny/
3 KB
1 KB
Script
General
Full URL
https://oxplay.api-oplbo.com/deny/index.js
Requested by
Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b5691131b2e8eb542af2d2466026edab46a8b89b2b26779c415eb7df929e726
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamesttb.club/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:54 GMT
strict-transport-security
max-age=315360000
content-encoding
br
cf-cache-status
HIT
age
5525
cf-polished
origSize=3112
last-modified
Mon, 08 Apr 2024 14:43:31 GMT
cf-bgj
minify
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
89282ab30e5e48d6-SIN
access-control-allow-headers
*
expires
Wed, 12 Jun 2024 08:05:54 GMT
restricted.svg
oxplay.api-oplbo.com/deny/
6 KB
2 KB
Image
General
Full URL
https://oxplay.api-oplbo.com/deny/restricted.svg
Requested by
Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a4e18c7290ef1758bac9188a2ae859e80ea9b54c989a251a538072eb1b9b767
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamesttb.club/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:54 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 04 Apr 2024 15:34:00 GMT
server
cloudflare
strict-transport-security
max-age=315360000
age
1506
vary
Accept-Encoding
access-control-allow-methods
*
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=1800
cf-ray
89282ab4fff448d6-SIN
access-control-allow-headers
*
expires
Wed, 12 Jun 2024 08:05:54 GMT
id.png
oxplay.api-oplbo.com/deny/
928 B
1 KB
Image
General
Full URL
https://oxplay.api-oplbo.com/deny/id.png
Requested by
Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
01c7b868948e4ff2901fd57a425b4125572607a69b1e65e4c3a32f60a75991d8
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamesttb.club/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:54 GMT
strict-transport-security
max-age=315360000
cf-cache-status
HIT
age
2390
cf-polished
origFmt=png, origSize=4726
content-disposition
inline; filename="id.webp"
content-length
928
last-modified
Thu, 04 Apr 2024 15:34:00 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
vary
Accept, Accept-Encoding
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
89282ab4fff648d6-SIN
access-control-allow-headers
*
expires
Wed, 12 Jun 2024 08:05:54 GMT
gb.png
oxplay.api-oplbo.com/deny/
1 KB
2 KB
Image
General
Full URL
https://oxplay.api-oplbo.com/deny/gb.png
Requested by
Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f527b312159bc09a281b5d8e8aa690bcc403ca08fd88d6f5dc570781e25efe
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamesttb.club/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:54 GMT
strict-transport-security
max-age=315360000
cf-cache-status
HIT
age
6710
cf-polished
origFmt=png, origSize=1957
content-disposition
inline; filename="gb.webp"
content-length
1446
last-modified
Thu, 04 Apr 2024 15:34:00 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
vary
Accept, Accept-Encoding
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
89282ab4fff748d6-SIN
access-control-allow-headers
*
expires
Wed, 12 Jun 2024 08:05:54 GMT
my.png
oxplay.api-oplbo.com/deny/
2 KB
2 KB
Image
General
Full URL
https://oxplay.api-oplbo.com/deny/my.png
Requested by
Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
14618b50e17de3ca84fca8acf04745a93faafd665eeb981fbcdb85c2848473b3
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamesttb.club/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:54 GMT
strict-transport-security
max-age=315360000
cf-cache-status
HIT
age
219
cf-polished
origFmt=png, origSize=2892
content-disposition
inline; filename="my.webp"
content-length
2236
last-modified
Thu, 04 Apr 2024 15:34:00 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
vary
Accept, Accept-Encoding
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
89282ab4fff848d6-SIN
access-control-allow-headers
*
expires
Wed, 12 Jun 2024 08:05:54 GMT
vn.png
oxplay.api-oplbo.com/deny/
374 B
488 B
Image
General
Full URL
https://oxplay.api-oplbo.com/deny/vn.png
Requested by
Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c637fe30428d3153cf4ed75db3c8aa6d9e6c0759e1ea1a05f2515076c149d74
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamesttb.club/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:54 GMT
strict-transport-security
max-age=315360000
cf-cache-status
HIT
age
5524
cf-polished
origFmt=png, origSize=909
content-disposition
inline; filename="vn.webp"
content-length
374
last-modified
Thu, 04 Apr 2024 15:34:00 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
vary
Accept, Accept-Encoding
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
89282ab4fff948d6-SIN
access-control-allow-headers
*
expires
Wed, 12 Jun 2024 08:05:54 GMT
th.jpeg
oxplay.api-oplbo.com/deny/
2 KB
2 KB
Image
General
Full URL
https://oxplay.api-oplbo.com/deny/th.jpeg
Requested by
Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
36d529c4c71e837564d5bfdfd584e800d8abeaeed2f874499ab6ab651f091d08
Security Headers
Name Value
Strict-Transport-Security max-age=315360000

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamesttb.club/
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:54 GMT
strict-transport-security
max-age=315360000
cf-cache-status
HIT
age
5558
cf-polished
qual=85, origFmt=jpeg, origSize=3960
content-disposition
inline; filename="th.webp"
content-length
1722
last-modified
Thu, 04 Apr 2024 15:34:00 GMT
cf-bgj
imgq:85,h2pri
server
cloudflare
vary
Accept, Accept-Encoding
access-control-allow-methods
*
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=1800
accept-ranges
bytes
cf-ray
89282ab4fffa48d6-SIN
access-control-allow-headers
*
expires
Wed, 12 Jun 2024 08:05:54 GMT
6xKjdSxYI9_3nPWN.woff2
fonts.gstatic.com/s/sen/v9/
18 KB
18 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sen/v9/6xKjdSxYI9_3nPWN.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&family=Sen:wght@400..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
sffe /
Resource Hash
408ab4c2881dc29ca3b0c9b69d1964c7272a582546da031f7457457473d14f3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://gamesttb.club
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sat, 08 Jun 2024 14:34:43 GMT
x-content-type-options
nosniff
age
320471
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18308
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:47:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Jun 2025 14:34:43 GMT
6xKjdSxYI9_3kvWNEmo.woff2
fonts.gstatic.com/s/sen/v9/
9 KB
9 KB
Font
General
Full URL
https://fonts.gstatic.com/s/sen/v9/6xKjdSxYI9_3kvWNEmo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&family=Sen:wght@400..800&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.170.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sg-in-f94.1e100.net
Software
sffe /
Resource Hash
f5fd483f4b5e787885595dc9a96f19949726e20d3356f1c2a4835f110091659d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://fonts.googleapis.com/
Origin
https://gamesttb.club
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 11 Jun 2024 17:48:17 GMT
x-content-type-options
nosniff
age
49657
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8912
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 20:47:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 11 Jun 2025 17:48:17 GMT
main.js
gamesttb.club/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame 63C8
Redirect Chain
  • https://gamesttb.club/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://gamesttb.club/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
8 KB
4 KB
Script
General
Full URL
https://gamesttb.club/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Requested by
Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin
Protocol
H2
Server
185.148.104.5 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f47cc4117718229d2963530f81a61a2d9df1d2a7913e354bd4e76a34cfbd43d5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-SG,en;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date
Wed, 12 Jun 2024 07:35:54 GMT
content-encoding
br
x-content-type-options
nosniff
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
89282ab58ccd8983-SIN
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Wed, 12 Jun 2024 07:35:54 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
cache-control
max-age=300, public
cf-ray
89282ab51c3b8983-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
89282ab229148983
gamesttb.club/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 63C8
0
441 B
XHR
General
Full URL
https://gamesttb.club/cdn-cgi/challenge-platform/h/g/jsd/r/89282ab229148983
Requested by
Host: gamesttb.club
URL: https://gamesttb.club/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.148.104.5 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 12 Jun 2024 07:35:54 GMT
server
cloudflare
cf-ray
89282ab66eb14ac6-SIN
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain; charset=UTF-8
favicon.ico
gamesttb.club/
653 B
411 B
Other
General
Full URL
https://gamesttb.club/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
185.148.104.5 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
7b8abae86571cdf335af45fceed4f87be796e4846411a5e1dc1a190147bf0f57

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://gamesttb.club/?ref=adminmaxwin
Accept-Language
en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 12 Jun 2024 07:35:54 GMT
content-encoding
br
server
cloudflare
cf-ray
89282ab7980e4ac6-SIN
alt-svc
h3=":443"; ma=86400
vary
Accept-Encoding
content-type
text/html

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object 0
function appendLanguages

3 Cookies

Domain/Path Name / Value
.gamesttb.club/ Name: __cf_bm
Value: 9DtYkHs.cIpsLQ1SvPEn56.qgSoj_hzGBGhkQpWoW8U-1718177753-1.0.1.1-BEV7ZwX5lXqKEgv_s2EQ8rW2xfJTi3gTM2GGsv_hWIckNAegJIpHknTqKA49mr7wskE6DHxFxhJD2XLG9uJGbA
.api-oplbo.com/ Name: __cf_bm
Value: soWl1wS3KSCGhpiNw0YVOvMuOVbu_ft8rEnFZJPVuGc-1718177754-1.0.1.1-h45Ol_JMiAk5c3CYDfcIHMYC5UrAC5DM2VAosga2mzJ5g9begDm1701KA273MG5AauvAPOAWN3jt5.aAA7DDsA
.gamesttb.club/ Name: cf_clearance
Value: md.ecg4CCNaXrgp_JPkNZOJfnSOT6F7aTjToLngoLdY-1718177754-1.0.1.1-v0kr_o9i.Do5lfhwMZoMu362ShjDLZxnqW7BHJdC26vsqhRxHiyCZq.3YFOfcMhcmQOeueRKJlLq_CoAhonWRQ

10 Console Messages

Source Level URL
Text
network error URL: https://gamesttb.club/?ref=adminmaxwin
Message:
Failed to load resource: the server responded with a status of 403 ()
other warning URL: https://gamesttb.club/?ref=adminmaxwin
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gamesttb.club/?ref=adminmaxwin
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gamesttb.club/?ref=adminmaxwin
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gamesttb.club/?ref=adminmaxwin
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gamesttb.club/?ref=adminmaxwin
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gamesttb.club/?ref=adminmaxwin
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gamesttb.club/?ref=adminmaxwin
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://gamesttb.club/?ref=adminmaxwin
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
network error URL: https://gamesttb.club/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
