gamesttb.club Open in urlscan Pro
185.148.104.5 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://peradi.id/mawartoto.slot
Effective URL:
https://gamesttb.club/?ref=adminmaxwin
Submission Tags: @phish_report
Submission: On June 12 via api (June 12th 2024, 7:43:45 am UTC) from FI — Scanned from SG

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 2 countries across 10 domains to perform 33 HTTP transactions. The main IP is 185.148.104.5, located in United States and belongs to CLOUDFLARESPECTRUM Cloudflare, Inc., US. The main domain is gamesttb.club.
TLS certificate: Issued by E1 on March 23rd 2024. Valid for: 3 months.

This is the only time gamesttb.club was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	45.130.230.119 45.130.230.119	47583 (AS-HOSTINGER) (AS-HOSTINGER)
2	2404:6800:400... 2404:6800:4003:c01::84	15169 (GOOGLE) (GOOGLE)
3	2404:6800:400... 2404:6800:4003:c06::5f	15169 (GOOGLE) (GOOGLE)
2	172.67.203.83 172.67.203.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2404:6800:400... 2404:6800:4003:c1a::5e	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:223	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	142.251.175.132 142.251.175.132	15169 (GOOGLE) (GOOGLE)
1	172.67.182.10 172.67.182.10	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 5	185.148.104.5 185.148.104.5	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
1	76.76.21.61 76.76.21.61	16509 (AMAZON-02) (AMAZON-02)
8	185.148.104.39 185.148.104.39	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
33	12

1 45.130.230.119 (Singapore, Singapore)

ASN47583 (AS-HOSTINGER, CY)
PTR: srv95.niagahoster.com

peradi.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2404:6800:4003:c01::84 (Singapore, Singapore)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2404:6800:4003:c06::5f (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.67.203.83 (United States)

ASN13335 (CLOUDFLARENET, US)

itadoriyuji.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2404:6800:4003:c1a::5e (Singapore, Singapore)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:223 (United States)

ASN13335 (CLOUDFLARENET, US)

pub-b3add181191545d98e21847c353e8324.r2.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.175.132 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: sh-in-f132.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.182.10 (United States)

ASN13335 (CLOUDFLARENET, US)

yeshuv.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.148.104.5 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

gamesttb.club	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.76.21.61 (Walnut, United States)

ASN16509 (AMAZON-02, US)

www.svgrepo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.148.104.39 (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

oxplay.api-oplbo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	api-oplbo.com oxplay.api-oplbo.com — Cisco Umbrella Rank: 131227	11 KB
6	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 472	159 KB
5	gamesttb.club 1 redirects gamesttb.club	6 KB
4	gstatic.com fonts.gstatic.com	105 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 77	3 KB
2	r2.dev pub-b3add181191545d98e21847c353e8324.r2.dev	708 KB
2	itadoriyuji.xyz itadoriyuji.xyz	311 KB
1	svgrepo.com www.svgrepo.com — Cisco Umbrella Rank: 146628 Failed	3 KB
1	yeshuv.site yeshuv.site	3 KB
1	peradi.id peradi.id	3 KB
33	10

	Domain	Requested by
8	oxplay.api-oplbo.com	gamesttb.club
6	cdn.ampproject.org	peradi.id cdn.ampproject.org yeshuv.site
5	gamesttb.club	1 redirects gamesttb.club
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	peradi.id yeshuv.site gamesttb.club
2	pub-b3add181191545d98e21847c353e8324.r2.dev	peradi.id yeshuv.site
2	itadoriyuji.xyz	peradi.id yeshuv.site
1	www.svgrepo.com
1	yeshuv.site
1	peradi.id
33	10

This site contains no links.

Subject Issuer	Validity	Valid
peradi.id R3	`2024-04-25` - `2024-07-24`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
itadoriyuji.xyz E1	`2024-06-04` - `2024-09-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-05-21` - `2024-08-13`	3 months	crt.sh
*.r2.dev E1	`2024-06-03` - `2024-09-01`	3 months	crt.sh
yeshuv.site GTS CA 1P5	`2024-06-02` - `2024-08-31`	3 months	crt.sh
gamesttb.club E1	`2024-03-23` - `2024-06-21`	3 months	crt.sh
www.svgrepo.com R3	`2024-04-26` - `2024-07-25`	3 months	crt.sh
api-oplbo.com GTS CA 1P5	`2024-04-17` - `2024-07-16`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://gamesttb.club/?ref=adminmaxwin
Frame ID: 31F30933A70793753FAC3207DDB449F8
Requests: 31 HTTP requests in this frame

Frame: https://gamesttb.club/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
Frame ID: 042D53A9D94B2B891F5D1E6B785BF87E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Access Forbidden

Page URL History Show full URLs

https://peradi.id/mawartoto.slot Page URL
https://yeshuv.site/jumpkiw/ Page URL
https://gamesttb.club/?ref=adminmaxwin Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Lightbox (JavaScript Libraries) Expand

Page Statistics

33
Requests

94 %
HTTPS

36 %
IPv6

10
Domains

10
Subdomains

12
IPs

2
Countries

1311 kB
Transfer

1779 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://peradi.id/mawartoto.slot Page URL
https://yeshuv.site/jumpkiw/ Page URL
https://gamesttb.club/?ref=adminmaxwin Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 29

https://gamesttb.club/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://gamesttb.club/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 mawartoto.slot Show response
peradi.id/ 7 KB
3 KB 543ms
510ms Document
text/html 45.130.230.119
AS-HOSTINGER

General

Check archive.org

Show headers Download Go to

Full URL

https://peradi.id/mawartoto.slot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.130.230.119 Singapore, Singapore, ASN47583 (AS-HOSTINGER, CY),

Reverse DNS

srv95.niagahoster.com

Software

LiteSpeed / Niagahoster

Resource Hash

d8f1fa42206e8a95fdd775e992cd098cb433cf8d0520beec34334eaf1162ec9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-encoding: br
content-length: 2592
content-type: text/html; charset=UTF-8
date: Wed, 12 Jun 2024 07:43:40 GMT
server: LiteSpeed
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding,User-Agent
x-content-type-options: nosniff
x-powered-by: Niagahoster
x-xss-protection: 1; mode=block

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 26ms
5ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: peradi.id
URL: https://peradi.id/mawartoto.slot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d5e2003f798252335c0faf032c62d6cb9b2c6ef4756e301b868398a8346b236

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://peradi.id/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Jun 2024 07:43:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73073
x-xss-protection: 0
server: sffe
etag: "a97eff4b207291bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Jun 2024 07:43:40 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 18ms
6ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Requested by

Host: peradi.id
URL: https://peradi.id/mawartoto.slot

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://peradi.id/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Jun 2024 07:43:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 06:29:19 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jun 2024 07:43:40 GMT

GET
H3 200 laku.gif
itadoriyuji.xyz/img/ 155 KB
156 KB 233ms
15ms Image
image/gif 172.67.203.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itadoriyuji.xyz/img/laku.gif
Requested by: Host: peradi.id
URL: https://peradi.id/mawartoto.slot
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2061ea57c0d44ac3b8c1321e9438d644323d5d30759764cbd030bac6488fcf7e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://peradi.id/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:40 GMT
cf-cache-status: HIT
last-modified: Sat, 06 Apr 2024 13:55:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6991
etag: "26bda-6156deba5d470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QZLit00OTqFxWKxY5q8CdeQCLHPuvy4nGmqdEUfeBQywg3%2FyoeFMjK0wJFlHTrliX25Ncz3LmymQDA5Aas9M099ZIjodMdl87R5lUNoVfwow8x9wCAmXGk6maubFbvUgMno%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 89283618195c3dcf-SIN
alt-svc: h3=":443"; ma=86400
content-length: 158682

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 213ms
5ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://peradi.id
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:30:29 GMT
x-content-type-options: nosniff
age: 321191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 14:30:29 GMT

GET
H/1.1 200
OK zeusgacor.jpeg
pub-b3add181191545d98e21847c353e8324.r2.dev/ 354 KB
354 KB 443ms
282ms Image
image/jpeg 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-b3add181191545d98e21847c353e8324.r2.dev/zeusgacor.jpeg
Requested by: Host: peradi.id
URL: https://peradi.id/mawartoto.slot
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363c973b580f840a7ce8acfd85537306c600977652185a6b6de74a78ec326674

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://peradi.id/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 07:43:41 GMT
Last-Modified: Tue, 14 May 2024 05:19:54 GMT
Server: cloudflare
ETag: "4a19cedec7ca6a80ae18e76439c30b9b"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8928361819b63f7d-SIN
Content-Length: 362227

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012405300626000/v0/ 8 KB
3 KB 15ms
6ms Script
text/javascript 142.251.175.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405300626000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f132.1e100.net

Software

sffe /

Resource Hash

74b2ab7f9b09d5a6f6ccd6e5f03f360b33f0f1f143f531b2b359a52954c8ee75

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://peradi.id/
Origin: https://peradi.id
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 17:30:57 GMT
age: 51163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "d78510ac2b65c95f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Jun 2025 17:30:57 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012405300626000/v0/ 12 KB
4 KB 13ms
4ms Script
text/javascript 142.251.175.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405300626000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f132.1e100.net

Software

sffe /

Resource Hash

c0c64baec3fdd695a191ae75c458d5f69b826e2279ca9f350cd5bbe1974c534a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://peradi.id/
Origin: https://peradi.id
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 17:30:57 GMT
age: 51163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3938
x-xss-protection: 0
server: sffe
etag: "d6baacf2ffc164c5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Jun 2025 17:30:57 GMT

GET
H3 200 / Show response
yeshuv.site/jumpkiw/ 7 KB
3 KB 59ms
42ms Document
text/html 172.67.182.10
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://yeshuv.site/jumpkiw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.182.10 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a57cc348ddb662895a3ce6ab7beda296463adbcf148d3ba124a1070d0a8ddacd

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://peradi.id/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8928361a5f543d8c-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Wed, 12 Jun 2024 07:43:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MDMmB2ZHhejakIs7RO97JXgp5Dy17oqpYm46KjMm0p4Bw2LONqTf1drUiL0e0p%2Fx28pywQnIASj66JZvu6t7jnbPtUxp3cWWlU%2Bt8JqwqNuLq3CinDMGs68Wmfrxvg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed

GET slots.svg
www.svgrepo.com/show/439322/ 0
0

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 20ms
6ms Script
text/javascript 2404:6800:4003:c01::84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: yeshuv.site
URL: https://yeshuv.site/jumpkiw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c01::84 Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d5e2003f798252335c0faf032c62d6cb9b2c6ef4756e301b868398a8346b236

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yeshuv.site/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Wed, 12 Jun 2024 07:43:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73073
x-xss-protection: 0
server: sffe
etag: "a97eff4b207291bf"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 12 Jun 2024 07:43:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 17ms
7ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Requested by

Host: yeshuv.site
URL: https://yeshuv.site/jumpkiw/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yeshuv.site/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Jun 2024 07:43:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 07:18:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jun 2024 07:43:41 GMT

GET
H3 200 laku.gif
itadoriyuji.xyz/img/ 155 KB
156 KB 28ms
16ms Image
image/gif 172.67.203.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itadoriyuji.xyz/img/laku.gif
Requested by: Host: yeshuv.site
URL: https://yeshuv.site/jumpkiw/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.203.83 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2061ea57c0d44ac3b8c1321e9438d644323d5d30759764cbd030bac6488fcf7e

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yeshuv.site/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:41 GMT
cf-cache-status: HIT
last-modified: Sat, 06 Apr 2024 13:55:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 6833
etag: "26bda-6156deba5d470"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rHC2n8wNADUlk3QavOL4p97bua4X%2Fq9sqhMrnlhOg8Y2Qqk24LcKhc8VNGB5D2eI1h9IL%2FtZBbfDxJbVlamLA7BFaXTkH3wN8mKvdas0ohgoyZVtkdcdEo%2BSYfoqxZKKRcY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 8928361af81c403b-SIN
alt-svc: h3=":443"; ma=86400
content-length: 158682

GET
H2 200 o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/ 38 KB
39 KB 14ms
5ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Noto+Sans:wght@400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://yeshuv.site
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:30:29 GMT
x-content-type-options: nosniff
age: 321192
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39412
x-xss-protection: 0
last-modified: Wed, 14 Feb 2024 22:43:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 14:30:29 GMT

GET
H/1.1 200
OK zeusgacor.jpeg
pub-b3add181191545d98e21847c353e8324.r2.dev/ 354 KB
354 KB 234ms
215ms Image
image/jpeg 2606:4700::6812:223
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pub-b3add181191545d98e21847c353e8324.r2.dev/zeusgacor.jpeg
Requested by: Host: yeshuv.site
URL: https://yeshuv.site/jumpkiw/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:223 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 363c973b580f840a7ce8acfd85537306c600977652185a6b6de74a78ec326674

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yeshuv.site/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Wed, 12 Jun 2024 07:43:41 GMT
Last-Modified: Tue, 14 May 2024 05:19:54 GMT
Server: cloudflare
ETag: "4a19cedec7ca6a80ae18e76439c30b9b"
Vary: Accept-Encoding
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
CF-RAY: 8928361b59638994-SIN
Content-Length: 362227

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012405300626000/v0/ 8 KB
3 KB 15ms
5ms Script
text/javascript 142.251.175.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405300626000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f132.1e100.net

Software

sffe /

Resource Hash

74b2ab7f9b09d5a6f6ccd6e5f03f360b33f0f1f143f531b2b359a52954c8ee75

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yeshuv.site/
Origin: https://yeshuv.site
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 17:30:57 GMT
age: 51164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2974
x-xss-protection: 0
server: sffe
etag: "d78510ac2b65c95f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Jun 2025 17:30:57 GMT

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012405300626000/v0/ 12 KB
4 KB 13ms
6ms Script
text/javascript 142.251.175.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012405300626000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.175.132 Farmingdale, United States, ASN15169 (GOOGLE, US),

Reverse DNS

sh-in-f132.1e100.net

Software

sffe /

Resource Hash

c0c64baec3fdd695a191ae75c458d5f69b826e2279ca9f350cd5bbe1974c534a

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yeshuv.site/
Origin: https://yeshuv.site
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 11 Jun 2024 17:30:57 GMT
age: 51164
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3938
x-xss-protection: 0
server: sffe
etag: "d6baacf2ffc164c5"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 11 Jun 2025 17:30:57 GMT

GET
H2 403 Primary Request / Show response
gamesttb.club/ 2 KB
1012 B 2029ms
12ms Document
text/html 185.148.104.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesttb.club/?ref=adminmaxwin
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.148.104.5 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04a3d8fb7207e1b23dcf20ffe5eef3682d653931811af1a4034b49f76484cc19

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer: https://yeshuv.site/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-ray: 89283629aa933e3e-SIN
content-encoding: br
content-type: text/html
date: Wed, 12 Jun 2024 07:43:43 GMT
server: cloudflare
vary: Accept-Encoding

GET
H2 200 slots.svg
www.svgrepo.com/show/439322/ 9 KB
3 KB 291ms
274ms Other
image/svg+xml 76.76.21.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.svgrepo.com/show/439322/slots.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.61 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://yeshuv.site/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:41 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 Jan 2023 01:01:58 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: Vercel
x-vercel-id: sin1::87h8p-1718178221622-ea20038ae188
etag: W/"63bb6786-2319"
strict-transport-security: max-age=63072000
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fNwQGwGSwhY7XKNjpuZLpVkQY3%2BmR6AzOq5Tal80oB6l1Cs4%2FWaPIrkrd8ku3OfVDLya5gdSVXGm4JuqWJ0bZXib3lKONxlG0IjCCerD5N8oFat2HNfHnzDZDml7OoPkano%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: public, max-age=31536000
cf-ray: 8928361d3cd38357-SIN
expires: Fri, 12 Jul 2024 07:43:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
851 B 22ms
6ms Stylesheet
text/css 2404:6800:4003:c06::5f
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Poppins&family=Sen:wght@400..800&display=swap

Requested by

Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c06::5f Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8808f4ae7cee7f4e9ad630b5ad3d88853430a1231c67248ca571421ce7aa9056

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gamesttb.club/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Wed, 12 Jun 2024 07:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Wed, 12 Jun 2024 07:43:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 12 Jun 2024 07:43:43 GMT

GET
H2 200 index.css
oxplay.api-oplbo.com/deny/ 438 B
526 B 53ms
28ms Stylesheet
text/css 185.148.104.39
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://oxplay.api-oplbo.com/deny/index.css

Requested by

Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

a9f44f99438c74db36bd7910cbd4ac499b69b644e9a202e7380ee1a2a21c7915

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gamesttb.club/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:43 GMT
strict-transport-security: max-age=315360000
content-encoding: br
cf-cache-status: HIT
age: 5175
cf-polished: origSize=579
last-modified: Mon, 08 Apr 2024 14:43:31 GMT
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 89283629fec54070-SIN
access-control-allow-headers: *
expires: Wed, 12 Jun 2024 08:13:43 GMT

GET
H2 200 index.js Show response
oxplay.api-oplbo.com/deny/ 3 KB
1 KB 49ms
27ms Script
application/javascript 185.148.104.39
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://oxplay.api-oplbo.com/deny/index.js

Requested by

Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b5691131b2e8eb542af2d2466026edab46a8b89b2b26779c415eb7df929e726

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gamesttb.club/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:43 GMT
strict-transport-security: max-age=315360000
content-encoding: br
cf-cache-status: HIT
age: 3934
cf-polished: origSize=3112
last-modified: Mon, 08 Apr 2024 14:43:31 GMT
cf-bgj: minify
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: *
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 89283629fec84070-SIN
access-control-allow-headers: *
expires: Wed, 12 Jun 2024 08:13:43 GMT

GET
H2 200 restricted.svg
oxplay.api-oplbo.com/deny/ 6 KB
2 KB 33ms
31ms Image
image/svg+xml 185.148.104.39
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxplay.api-oplbo.com/deny/restricted.svg

Requested by

Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a4e18c7290ef1758bac9188a2ae859e80ea9b54c989a251a538072eb1b9b767

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gamesttb.club/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:43 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 04 Apr 2024 15:34:00 GMT
server: cloudflare
strict-transport-security: max-age=315360000
age: 5025
vary: Accept-Encoding
access-control-allow-methods: *
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=1800
cf-ray: 8928362a2ef64070-SIN
access-control-allow-headers: *
expires: Wed, 12 Jun 2024 08:13:43 GMT

GET
H2 200 id.png
oxplay.api-oplbo.com/deny/ 928 B
1 KB 31ms
29ms Image
image/webp 185.148.104.39
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxplay.api-oplbo.com/deny/id.png

Requested by

Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

01c7b868948e4ff2901fd57a425b4125572607a69b1e65e4c3a32f60a75991d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gamesttb.club/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:43 GMT
strict-transport-security: max-age=315360000
cf-cache-status: HIT
age: 3934
cf-polished: origFmt=png, origSize=4726
content-disposition: inline; filename="id.webp"
content-length: 928
last-modified: Thu, 04 Apr 2024 15:34:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8928362a3efc4070-SIN
access-control-allow-headers: *
expires: Wed, 12 Jun 2024 08:13:43 GMT

GET
H2 200 gb.png
oxplay.api-oplbo.com/deny/ 1 KB
2 KB 33ms
31ms Image
image/webp 185.148.104.39
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxplay.api-oplbo.com/deny/gb.png

Requested by

Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

56f527b312159bc09a281b5d8e8aa690bcc403ca08fd88d6f5dc570781e25efe

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gamesttb.club/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:43 GMT
strict-transport-security: max-age=315360000
cf-cache-status: HIT
age: 3934
cf-polished: origFmt=png, origSize=1957
content-disposition: inline; filename="gb.webp"
content-length: 1446
last-modified: Thu, 04 Apr 2024 15:34:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8928362a3efd4070-SIN
access-control-allow-headers: *
expires: Wed, 12 Jun 2024 08:13:43 GMT

GET
H2 200 my.png
oxplay.api-oplbo.com/deny/ 2 KB
2 KB 31ms
30ms Image
image/webp 185.148.104.39
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxplay.api-oplbo.com/deny/my.png

Requested by

Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

14618b50e17de3ca84fca8acf04745a93faafd665eeb981fbcdb85c2848473b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gamesttb.club/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:43 GMT
strict-transport-security: max-age=315360000
cf-cache-status: HIT
age: 4379
cf-polished: origFmt=png, origSize=2892
content-disposition: inline; filename="my.webp"
content-length: 2236
last-modified: Thu, 04 Apr 2024 15:34:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8928362a3eff4070-SIN
access-control-allow-headers: *
expires: Wed, 12 Jun 2024 08:13:43 GMT

GET
H2 200 vn.png
oxplay.api-oplbo.com/deny/ 374 B
551 B 28ms
27ms Image
image/webp 185.148.104.39
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxplay.api-oplbo.com/deny/vn.png

Requested by

Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c637fe30428d3153cf4ed75db3c8aa6d9e6c0759e1ea1a05f2515076c149d74

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gamesttb.club/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:43 GMT
strict-transport-security: max-age=315360000
cf-cache-status: HIT
age: 3934
cf-polished: origFmt=png, origSize=909
content-disposition: inline; filename="vn.webp"
content-length: 374
last-modified: Thu, 04 Apr 2024 15:34:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8928362a3f014070-SIN
access-control-allow-headers: *
expires: Wed, 12 Jun 2024 08:13:43 GMT

GET
H2 200 th.jpeg
oxplay.api-oplbo.com/deny/ 2 KB
2 KB 29ms
28ms Image
image/webp 185.148.104.39
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://oxplay.api-oplbo.com/deny/th.jpeg

Requested by

Host: gamesttb.club
URL: https://gamesttb.club/?ref=adminmaxwin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.148.104.39 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

36d529c4c71e837564d5bfdfd584e800d8abeaeed2f874499ab6ab651f091d08

Security Headers

Name	Value
Strict-Transport-Security	max-age=315360000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gamesttb.club/
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:43 GMT
strict-transport-security: max-age=315360000
cf-cache-status: HIT
age: 3934
cf-polished: qual=85, origFmt=jpeg, origSize=3960
content-disposition: inline; filename="th.webp"
content-length: 1722
last-modified: Thu, 04 Apr 2024 15:34:00 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
vary: Accept, Accept-Encoding
access-control-allow-methods: *
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=1800
accept-ranges: bytes
cf-ray: 8928362a3f044070-SIN
access-control-allow-headers: *
expires: Wed, 12 Jun 2024 08:13:43 GMT

GET
H2 200 6xKjdSxYI9_3nPWN.woff2
fonts.gstatic.com/s/sen/v9/ 18 KB
18 KB 18ms
6ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v9/6xKjdSxYI9_3nPWN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&family=Sen:wght@400..800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

408ab4c2881dc29ca3b0c9b69d1964c7272a582546da031f7457457473d14f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://gamesttb.club
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 08 Jun 2024 14:34:43 GMT
x-content-type-options: nosniff
age: 320940
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18308
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:47:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 08 Jun 2025 14:34:43 GMT

GET
H2 200 6xKjdSxYI9_3kvWNEmo.woff2
fonts.gstatic.com/s/sen/v9/ 9 KB
9 KB 19ms
8ms Font
font/woff2 2404:6800:4003:c1a::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sen/v9/6xKjdSxYI9_3kvWNEmo.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Poppins&family=Sen:wght@400..800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2404:6800:4003:c1a::5e Singapore, Singapore, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5fd483f4b5e787885595dc9a96f19949726e20d3356f1c2a4835f110091659d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://gamesttb.club
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 11 Jun 2024 17:48:17 GMT
x-content-type-options: nosniff
age: 50126
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8912
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:47:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Jun 2025 17:48:17 GMT

GET
H3

200

main.js Show response
gamesttb.club/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/ Frame 042D
Redirect Chain

https://gamesttb.club/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://gamesttb.club/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

8 KB
4 KB

16ms
16ms

Script
application/javascript

185.148.104.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL

https://gamesttb.club/cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js

Protocol

Server

185.148.104.5 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

061b2df887d6d2360514d62e9c2faf64f990bae7446eb34ab90c533ba15cef1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-SG,en;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Wed, 12 Jun 2024 07:43:43 GMT
content-encoding: br
x-content-type-options: nosniff
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 8928362aecc95f99-SIN
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Wed, 12 Jun 2024 07:43:43 GMT
server: cloudflare
vary: Accept-Encoding
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/6aac8896f227/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 8928362a7b683e3e-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 403 favicon.ico
gamesttb.club/ 653 B
411 B 14ms
14ms Other
text/html 185.148.104.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesttb.club/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.148.104.5 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b8abae86571cdf335af45fceed4f87be796e4846411a5e1dc1a190147bf0f57

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://gamesttb.club/?ref=adminmaxwin
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 12 Jun 2024 07:43:43 GMT
content-encoding: br
server: cloudflare
cf-ray: 8928362afcd85f99-SIN
alt-svc: h3=":443"; ma=86400
vary: Accept-Encoding
content-type: text/html

POST
H3 200 89283629aa933e3e Show response
gamesttb.club/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame 042D 0
405 B 30ms
29ms XHR
text/plain 185.148.104.5
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://gamesttb.club/cdn-cgi/challenge-platform/h/g/jsd/r/89283629aa933e3e
Requested by: Host: gamesttb.club
URL: https://gamesttb.club/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 185.148.104.5 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: en-SG,en;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 12 Jun 2024 07:43:43 GMT
server: cloudflare
cf-ray: 8928362bbdcb5f99-SIN
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain; charset=UTF-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.svgrepo.com
URL: https://www.svgrepo.com/show/439322/slots.svg

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| appendLanguages

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gamesttb.club/	1970-01-20 21:16:20	Name: __cf_bm Value: yyt0JvM1Y2SlXJTZS_iTfS7tnjW4VcUzVjPJKq1hYAE-1718178223-1.0.1.1-kmQt0LLT6vDmegHKuO_XykpIa9UrZEjRvjmh8UPAVNWCrQaR5FKi63X8MUkrX.bKUbasPghtsdHCIlxXL6yAkg
.api-oplbo.com/	1970-01-20 21:16:20	Name: __cf_bm Value: vmSMCWCpCnqchSQbLBe3peWWheDbTjZTg5yoZ.P_fA8-1718178223-1.0.1.1-ua0ml8Oohd8vT609XVeGCpG66wIpj0bPlU_rCfmrcB8v50u07DMtnXEKU6n.itDB_ImSaWlTod.vtJ_4VCbgaA
.gamesttb.club/	1970-01-21 06:01:54	Name: cf_clearance Value: HFFA6WjCkw77cXBlPL9nu1nRNvq6dTQV5UrhWrZbs.E-1718178223-1.0.1.1-zrnt5iIDE2pfn_nJb1lz1CpbdI_DtGVIqyUwA_nAsJRPxsjvHxH9McohnFygU.M5ahLy6PpokPRfZ006uhuZgw

10 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://gamesttb.club/?ref=adminmaxwin Message: Failed to load resource: the server responded with a status of 403 ()
other	warning	URL: https://gamesttb.club/?ref=adminmaxwin(Line 16) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gamesttb.club/?ref=adminmaxwin(Line 16) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gamesttb.club/?ref=adminmaxwin(Line 17) Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gamesttb.club/?ref=adminmaxwin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gamesttb.club/?ref=adminmaxwin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gamesttb.club/?ref=adminmaxwin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gamesttb.club/?ref=adminmaxwin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://gamesttb.club/?ref=adminmaxwin Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://gamesttb.club/favicon.ico Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
fonts.googleapis.com
fonts.gstatic.com
gamesttb.club
itadoriyuji.xyz
oxplay.api-oplbo.com
peradi.id
pub-b3add181191545d98e21847c353e8324.r2.dev
www.svgrepo.com
yeshuv.site
www.svgrepo.com
142.251.175.132
172.67.182.10
172.67.203.83
185.148.104.39
185.148.104.5
2404:6800:4003:c01::84
2404:6800:4003:c06::5f
2404:6800:4003:c1a::5e
2606:4700::6812:223
45.130.230.119
76.76.21.61
01c7b868948e4ff2901fd57a425b4125572607a69b1e65e4c3a32f60a75991d8
04a3d8fb7207e1b23dcf20ffe5eef3682d653931811af1a4034b49f76484cc19
061b2df887d6d2360514d62e9c2faf64f990bae7446eb34ab90c533ba15cef1c
14618b50e17de3ca84fca8acf04745a93faafd665eeb981fbcdb85c2848473b3
2061ea57c0d44ac3b8c1321e9438d644323d5d30759764cbd030bac6488fcf7e
363c973b580f840a7ce8acfd85537306c600977652185a6b6de74a78ec326674
36d529c4c71e837564d5bfdfd584e800d8abeaeed2f874499ab6ab651f091d08
408ab4c2881dc29ca3b0c9b69d1964c7272a582546da031f7457457473d14f3c
4b5691131b2e8eb542af2d2466026edab46a8b89b2b26779c415eb7df929e726
56f527b312159bc09a281b5d8e8aa690bcc403ca08fd88d6f5dc570781e25efe
74b2ab7f9b09d5a6f6ccd6e5f03f360b33f0f1f143f531b2b359a52954c8ee75
7b8abae86571cdf335af45fceed4f87be796e4846411a5e1dc1a190147bf0f57
8808f4ae7cee7f4e9ad630b5ad3d88853430a1231c67248ca571421ce7aa9056
8a4e18c7290ef1758bac9188a2ae859e80ea9b54c989a251a538072eb1b9b767
8c637fe30428d3153cf4ed75db3c8aa6d9e6c0759e1ea1a05f2515076c149d74
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
9d5e2003f798252335c0faf032c62d6cb9b2c6ef4756e301b868398a8346b236
a57cc348ddb662895a3ce6ab7beda296463adbcf148d3ba124a1070d0a8ddacd
a9f44f99438c74db36bd7910cbd4ac499b69b644e9a202e7380ee1a2a21c7915
c0c64baec3fdd695a191ae75c458d5f69b826e2279ca9f350cd5bbe1974c534a
d8f1fa42206e8a95fdd775e992cd098cb433cf8d0520beec34334eaf1162ec9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f2e1354c35d007da969fee34471427de87a2377fecc691b0b387ea2d9c1b007b
f5fd483f4b5e787885595dc9a96f19949726e20d3356f1c2a4835f110091659d

gamesttb.club Open in urlscan Pro 185.148.104.5 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

94 %HTTPS

36 %IPv6

10 Domains

10 Subdomains

12 IPs

2 Countries

1311 kBTransfer

1779 kBSize

3 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gamesttb.club Open in urlscan Pro
185.148.104.5 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

94 %
HTTPS

36 %
IPv6

10
Domains

10
Subdomains

12
IPs

2
Countries

1311 kB
Transfer

1779 kB
Size

3
Cookies

33 HTTP transactions
0 data transactions