urlscan.io logo urlscan.io
SecurityTrails logo

k8.io Open in urlscan Pro
104.18.42.49  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Effective URL: https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
Submission: On November 18 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 3 countries across 21 domains to perform 96 HTTP transactions. The main IP is 104.18.42.49, located in and belongs to . The main domain is k8.io.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 29th 2023. Valid for: a year.
This is the only time k8.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 198.2.196.71 54600 (PEG-SV)
1 9 104.193.88.102 55967 (BAIDU Bei...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 104.193.88.123 55967 (BAIDU Bei...)
1 182.61.201.92 38365 (BAIDU Bei...)
1 5 69.197.129.106 32097 (WII)
25 2606:4700:440... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 108.156.184.59 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 108.138.106.126 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
1 18.164.96.46 16509 (AMAZON-02)
2 108.156.184.16 16509 (AMAZON-02)
3 107.154.133.121 19551 (INCAPSULA)
1 2600:9000:24f... 16509 (AMAZON-02)
1 2620:100:a001::f 19750 (AS-CRITEO)
1 34.102.240.186 396982 (GOOGLE-CL...)
1 2606:4700:20:... ()
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
5 104.18.42.49 ()
2 3.126.133.169 16509 (AMAZON-02)
1 2620:100:a001::c 19750 (AS-CRITEO)
96 23
6    198.2.196.71 (United States)

ASN54600 (PEG-SV, US)
always-app.xyz
9    104.193.88.102 (United States)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
c.mipcdn.com
1    2606:4700:10::6816:37d4 (United States)

ASN13335 (CLOUDFLARENET, US)
assets.vegasslotsonline.com
1    104.193.88.123 (United States)

ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
www.baidu.com
1    182.61.201.92 (China)

ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN)
ziyuan.baidu.com
5    69.197.129.106 (United States)

ASN32097 (WII, US)
PTR: termdot.com
1etu.com
support.bestk8.sbs
25    2606:4700:4400::6812:2a31 (United States)

ASN13335 (CLOUDFLARENET, US)
k8game.io
2    2607:f8b0:4006:823::2008 (United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    108.156.184.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-184-59.cmh68.r.cloudfront.net
widget.intercom.io
1    2607:f8b0:4006:81d::2004 (United States)

ASN15169 (GOOGLE, US)
www.google.com
1    108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net
static.hotjar.com
1    2607:f8b0:4006:822::2003 (United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net
script.hotjar.com
2    108.156.184.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-184-16.cmh68.r.cloudfront.net
js.intercomcdn.com
3    107.154.133.121 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.133.121.ip.incapdns.net
sdk.optimove.net
stream-1025.optimove.net
1    2600:9000:24f7:9400:c:7d55:b3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.matomo.cloud
1    2620:100:a001::f (United States)

ASN19750 (AS-CRITEO, US)
dynamic.criteo.com
1    34.102.240.186 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.240.102.34.bc.googleusercontent.com
sdkuaservice.optimove.net
1    2606:4700:20::681a:890 (None, )

ASN- ()
static.app.delivery
1    2606:4700:3031::ac43:a761 (United States)

ASN13335 (CLOUDFLARENET, US)
3ae.jp
5    104.18.42.49 (None, )

ASN- ()
k8.io
2    3.126.133.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
k8.matomo.cloud
1    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
Apex Domain
Subdomains		 Transfer
25 k8game.io
k8game.io
1010 KB
9 mipcdn.com
c.mipcdn.com — Cisco Umbrella Rank: 354053
180 KB
6 always-app.xyz
always-app.xyz
25 KB
5 k8.io
k8.io
52 KB
4 optimove.net
sdk.optimove.net — Cisco Umbrella Rank: 59048
sdkuaservice.optimove.net — Cisco Umbrella Rank: 54804
stream-1025.optimove.net
realtime-1025.optimove.net Failed
25 KB
4 1etu.com
1etu.com
48 KB
3 matomo.cloud
cdn.matomo.cloud — Cisco Umbrella Rank: 16488
k8.matomo.cloud
58 KB
2 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4133
gum.criteo.com — Cisco Umbrella Rank: 454
26 KB
2 intercomcdn.com
js.intercomcdn.com — Cisco Umbrella Rank: 2317
274 KB
2 hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727
script.hotjar.com — Cisco Umbrella Rank: 901
60 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
163 KB
2 baidu.com
www.baidu.com — Cisco Umbrella Rank: 4077
ziyuan.baidu.com — Cisco Umbrella Rank: 427671
1 3ae.jp
3ae.jp
481 B
1 app.delivery
static.app.delivery
1 gstatic.com
www.gstatic.com
187 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 intercom.io
widget.intercom.io — Cisco Umbrella Rank: 1771
api-iam.intercom.io Failed
3 KB
1 bestk8.sbs
support.bestk8.sbs
148 B
1 vegasslotsonline.com
assets.vegasslotsonline.com
16 KB
0 criteo.net Failed
csm.va.us.criteo.net Failed
0 picimgfield.com Failed
k-img.picimgfield.com Failed
96 21
Domain Requested by
25 k8game.io always-app.xyz
k8game.io
9 c.mipcdn.com 1 redirects always-app.xyz
6 always-app.xyz always-app.xyz
5 k8.io always-app.xyz
k8.io
4 1etu.com always-app.xyz
1etu.com
2 k8.matomo.cloud cdn.matomo.cloud
2 stream-1025.optimove.net sdk.optimove.net
2 js.intercomcdn.com widget.intercom.io
2 www.googletagmanager.com k8game.io
www.googletagmanager.com
k8.io
1 gum.criteo.com dynamic.criteo.com
gum.criteo.com
1 3ae.jp 1 redirects
1 static.app.delivery sdk.optimove.net
1 sdkuaservice.optimove.net k8game.io
1 dynamic.criteo.com always-app.xyz
1 cdn.matomo.cloud always-app.xyz
1 sdk.optimove.net www.googletagmanager.com
1 script.hotjar.com static.hotjar.com
1 www.gstatic.com www.google.com
1 static.hotjar.com k8game.io
k8.io
1 www.google.com k8game.io
k8.io
1 widget.intercom.io k8game.io
k8.io
1 support.bestk8.sbs 1 redirects
1 ziyuan.baidu.com always-app.xyz
1 www.baidu.com always-app.xyz
1 assets.vegasslotsonline.com always-app.xyz
0 csm.va.us.criteo.net Failed gum.criteo.com
0 realtime-1025.optimove.net Failed sdk.optimove.net
0 k-img.picimgfield.com Failed k8game.io
0 api-iam.intercom.io Failed js.intercomcdn.com
96 29

This site contains no links.

Subject Issuer Validity Valid
baidu.com
GlobalSign RSA OV SSL CA 2018		 2023-07-06 -
2024-08-06		 a year crt.sh
vegasslotsonline.com
GTS CA 1P5		 2023-10-26 -
2024-01-24		 3 months crt.sh
1etu.com
R3		 2023-11-18 -
2024-02-16		 3 months crt.sh
k8game.io
Cloudflare Inc ECC CA-3		 2023-03-27 -
2024-03-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.intercom.com
Amazon RSA 2048 M02		 2023-02-14 -
2024-03-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.hotjar.com
Amazon ECDSA 256 M01		 2023-03-09 -
2024-04-06		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.intercomcdn.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-01-29		 a year crt.sh
*.optimove.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-05 -
2024-02-05		 a year crt.sh
cdn.matomo.cloud
Amazon RSA 2048 M03		 2023-10-27 -
2024-11-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-05-06 -
2024-05-05		 a year crt.sh
k8.io
Cloudflare Inc ECC CA-3		 2023-03-29 -
2024-03-28		 a year crt.sh
*.matomo.cloud
Amazon RSA 2048 M02		 2023-06-21 -
2024-07-19		 a year crt.sh

This page contains 4 frames:

Primary Page: https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
Frame ID: 160855C643991D16238FDFF16B651F55
Requests: 35 HTTP requests in this frame

Frame: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Frame ID: 922EB870835E55B54152AC84EFEB290A
Requests: 56 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e128bf6a.js
Frame ID: 65AB91BA5B6FF02F20FCCD44B1CA118E
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=always-app.xyz&origin=onetag
Frame ID: 17E66ADF5421DB0165ECA9D101918439
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide Page URL
  2. https://3ae.jp/i3Wlg HTTP 302
    https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account Page URL

Page Statistics

96
Requests

66 %
HTTPS

43 %
IPv6

21
Domains

29
Subdomains

23
IPs

3
Countries

2128 kB
Transfer

7743 kB
Size


Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide Page URL
  2. https://3ae.jp/i3Wlg HTTP 302
    https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://c.mipcdn.com/static/v2/mip-fixed/mip-fixed.js HTTP 302
  • https://www.baidu.com/search/error.html?tc=31206721220679908874111904
Request Chain 16
  • https://support.bestk8.sbs/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account HTTP 302
  • https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account

96 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
construction.php
always-app.xyz/captcha/ 		26 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
HTTP/1.1
Server
198.2.196.71 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
c13aeda06adfd333abbfa4843ed8424fc39302343f1ec411715984dc823e98df

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sat, 18 Nov 2023 20:52:00 GMT
Server
nginx
Transfer-Encoding
chunked
Vary
Accept-Encoding
gpt.js
always-app.xyz/wp-includes/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://always-app.xyz/wp-includes/js/gpt.js
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
HTTP/1.1
Server
198.2.196.71 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
e351aad80990ab09a14a7e4d32ce44f8e628ed0b782c4894419307d1d6edd638

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 20:52:00 GMT
Content-Encoding
gzip
Last-Modified
Mon, 19 Jun 2023 02:07:02 GMT
Server
nginx
ETag
W/"648fb846-1bfb"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sun, 19 Nov 2023 08:52:00 GMT
mip.css
c.mipcdn.com/static/v2/ 		28 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://c.mipcdn.com/static/v2/mip.css
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.193.88.102 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash
ac3320cd6903305d4171e856935afcaf5849f097ea9a90270cc76b9f9c1d6f1f

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:00 GMT
content-encoding
gzip
tracecode
19941317160560633354092212, 19941309042669863690092212
ohc-response-time
1 0 0 0 0 0
last-modified
Tue, 07 Jan 2020 09:23:24 GMT
server
JSP3/2.0.14
ohc-cache-hit
sfo01-sys-jorcol02.sfo01.baidu.com [2], jnctcache64 [2]
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=600, stale-while-revalidate=604800
accept-ranges
bytes
ohc-global-saved-time
Sat, 18 Nov 2023 20:42:10 GMT
base.css
always-app.xyz/template/news/mip02/static/css/ 		35 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://always-app.xyz/template/news/mip02/static/css/base.css
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
HTTP/1.1
Server
198.2.196.71 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
4c9b5c6ae97fb11a8ad62f95f66a312007c0132ccdaebea4bb90607ef1f9cee4

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 20:52:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Aug 2019 03:59:04 GMT
Server
nginx
ETag
W/"5d5f6488-8bb4"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sun, 19 Nov 2023 08:52:00 GMT
m.css
always-app.xyz/template/news/mip02/static/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://always-app.xyz/template/news/mip02/static/css/m.css
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
HTTP/1.1
Server
198.2.196.71 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash
176d387bc8a12408c598bf0066e9357ee239803697f2eea223f2616ad3836a56

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 20:52:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 23 Aug 2019 03:59:10 GMT
Server
nginx
ETag
W/"5d5f648e-1b16"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=43200
Connection
keep-alive
Expires
Sun, 19 Nov 2023 08:52:00 GMT
pets-war.jpg
assets.vegasslotsonline.com/vegasslotsonline.com/assets/uploads/games/yoyougaming/images/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.vegasslotsonline.com/vegasslotsonline.com/assets/uploads/games/yoyougaming/images/pets-war.jpg
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:37d4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
66514d7a19ec600d7367e8040f65c57122af58f0e6889d663d356b0ddc71ba77

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:00 GMT
x-amz-version-id
null
cf-cache-status
REVALIDATED
cf-bgj
imgq:85,h2pri
last-modified
Tue, 03 Aug 2021 13:03:27 GMT
server
cloudflare
x-amz-request-id
X97YHQ9CABAZ84YY
cf-polished
degrade=85, origSize=47312
etag
"6608e8c17591c023c4f458f3afb8cb17"
vary
Accept-Encoding
content-type
image/jpeg
accept-ranges
bytes
cf-ray
8283183e8e7f31d8-MIA
content-length
16485
x-amz-id-2
x9C5vH01URci09yPmJicpoErWbI86lyqlAEOdedLFA1X78ggBaKSJlmgzTvJjs3aFlZpM+sLi5g=
mip.js
c.mipcdn.com/static/v2/ 		270 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mipcdn.com/static/v2/mip.js
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.193.88.102 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:00 GMT
content-encoding
gzip
tracecode
13433951740186029834071712, 13433953022569200394071712
ohc-response-time
1 0 0 0 0 0
last-modified
Tue, 07 Jan 2020 09:23:24 GMT
server
JSP3/2.0.14
ohc-cache-hit
sfo01-sys-jorcol04.sfo01.baidu.com [2], jnctcache51 [2]
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=600, stale-while-revalidate=604800
accept-ranges
bytes
ohc-global-saved-time
Sat, 18 Nov 2023 20:49:54 GMT
mip-stats-baidu.js
c.mipcdn.com/static/v2/mip-stats-baidu/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mipcdn.com/static/v2/mip-stats-baidu/mip-stats-baidu.js
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.193.88.102 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:00 GMT
content-encoding
br
tracecode
05679563812475797770102605, 05679567570459975946102605
ohc-response-time
1 0 0 0 0 0
last-modified
Thu, 19 Sep 2019 10:23:22 GMT
server
JSP3/2.0.14
ohc-cache-hit
sfo01-sys-jorcol06.sfo01.baidu.com [2], xiangyctcache89 [2]
etag
"5d83571a-4626"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=600, stale-while-revalidate=604800
accept-ranges
bytes
ohc-global-saved-time
Sat, 18 Nov 2023 20:45:48 GMT
mip-gototop.js
c.mipcdn.com/static/v2/mip-gototop/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mipcdn.com/static/v2/mip-gototop/mip-gototop.js
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.193.88.102 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:00 GMT
content-encoding
br
tracecode
17441359470186029834103122, 17441346180605807370103122
ohc-response-time
1 0 0 0 0 0
last-modified
Thu, 19 Sep 2019 10:23:22 GMT
server
JSP3/2.0.14
ohc-cache-hit
sfo01-sys-jorcol06.sfo01.baidu.com [2], jnctcache66 [2]
etag
"5d83571a-280c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=600, stale-while-revalidate=604800
accept-ranges
bytes
ohc-global-saved-time
Sat, 18 Nov 2023 20:45:12 GMT
mip-history.js
c.mipcdn.com/static/v2/mip-history/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mipcdn.com/static/v2/mip-history/mip-history.js
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.193.88.102 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:00 GMT
content-encoding
br
tracecode
35244953100412003594110115, 35244960880459975946110115
ohc-response-time
1 0 0 0 0 0
last-modified
Thu, 19 Sep 2019 10:23:22 GMT
server
JSP3/2.0.14
ohc-cache-hit
sfo01-sys-jorcol02.sfo01.baidu.com [2], hsctcache53 [2]
etag
"5d83571a-2374"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=600, stale-while-revalidate=604800
accept-ranges
bytes
ohc-global-saved-time
Sat, 18 Nov 2023 20:45:03 GMT
error.html
www.baidu.com/search/
Redirect Chain
  • https://c.mipcdn.com/static/v2/mip-fixed/mip-fixed.js
  • https://www.baidu.com/search/error.html?tc=31206721220679908874111904
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.baidu.com/search/error.html?tc=31206721220679908874111904
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
HTTP/1.1
Server
104.193.88.123 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date
Sat, 18 Nov 2023 20:52:00 GMT
tracecode
31206721220679908874111904, 31206737412370298634111904
ohc-cache-hit
sfo01-sys-jorcol06.sfo01.baidu.com [1], tjctcache51 [1]
ohc-response-time
0 0 0 0 174 174
server
JSP3/2.0.14
p3p
CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
location
https://www.baidu.com/search/error.html?tc=31206721220679908874111904
access-control-allow-origin
*
content-type
text/html
cache-control
max-age=600, stale-while-revalidate=604800
content-length
160
mip-cambrian.js
c.mipcdn.com/extensions/platform/v2/mip-cambrian/ 		856 B
905 B 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mipcdn.com/extensions/platform/v2/mip-cambrian/mip-cambrian.js
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.193.88.102 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:00 GMT
content-encoding
br
tracecode
07619430870186029834102922, 07619445922605179658102922
ohc-response-time
1 0 0 0 0 0
last-modified
Mon, 27 May 2019 09:50:17 GMT
server
JSP3/2.0.14
ohc-cache-hit
sfo01-sys-jorcol09.sfo01.baidu.com [2], wzctcache79 [2]
etag
"5cebb2d9-358"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=120
accept-ranges
bytes
ohc-global-saved-time
Sat, 18 Nov 2023 20:50:03 GMT
expires
Sat, 18 Nov 2023 20:52:03 GMT
mip-sidebar.js
c.mipcdn.com/static/v2/mip-sidebar/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mipcdn.com/static/v2/mip-sidebar/mip-sidebar.js
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.193.88.102 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:00 GMT
content-encoding
gzip
tracecode
30409992682475797770101612, 30409995010459975946101612
ohc-response-time
1 0 0 0 0 0
last-modified
Thu, 19 Sep 2019 10:23:22 GMT
server
JSP3/2.0.14
ohc-cache-hit
sfo01-sys-jorcol06.sfo01.baidu.com [2], xactcache103 [2]
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=600, stale-while-revalidate=604800
accept-ranges
bytes
ohc-global-saved-time
Sat, 18 Nov 2023 20:43:15 GMT
mip-script.js
c.mipcdn.com/static/v2/mip-script/ 		178 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.mipcdn.com/static/v2/mip-script/mip-script.js
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
104.193.88.102 , United States, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
JSP3/2.0.14 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:00 GMT
content-encoding
br
tracecode
07007471530243641610070322, 07007672290746770442070322
ohc-response-time
1 0 0 0 0 0
last-modified
Thu, 19 Sep 2019 10:23:22 GMT
server
JSP3/2.0.14
ohc-cache-hit
sfo01-sys-jorcol09.sfo01.baidu.com [2], nb2ctcache61 [2]
etag
"5d83571a-2c963"
vary
Accept-Encoding, Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=600, stale-while-revalidate=604800
accept-ranges
bytes
ohc-global-saved-time
Sat, 18 Nov 2023 20:43:45 GMT
image.gif
ziyuan.baidu.com/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ziyuan.baidu.com/image.gif
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
182.61.201.92 , China, ASN38365 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
matomo.js
1etu.com/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1etu.com/matomo.js
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/wp-includes/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.197.129.106 , United States, ASN32097 (WII, US),
Reverse DNS
termdot.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Sat, 18 Nov 2023 20:52:00 GMT
content-encoding
gzip
last-modified
Fri, 25 Aug 2023 09:56:23 GMT
server
nginx
etag
W/"64e87ac7-10132"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
expires
Sat, 18 Nov 2023 21:52:00 GMT
vip-reg
k8game.io/ Frame 922E
Redirect Chain
  • https://support.bestk8.sbs/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
  • https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/wp-includes/js/gpt.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

Referer
http://always-app.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-method
*
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
828318411bb9d9dd-MIA
content-encoding
br
content-type
text/html
date
Sat, 18 Nov 2023 20:52:01 GMT
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
ON

Redirect headers

content-length
138
content-type
text/html
date
Sat, 18 Nov 2023 20:52:00 GMT
location
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
server
nginx
strict-transport-security
max-age=31536000
jt.png
always-app.xyz/template/news/mip02/static/images/ 		173 B
475 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://always-app.xyz/template/news/mip02/static/images/jt.png
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/template/news/mip02/static/css/base.css
Protocol
HTTP/1.1
Server
198.2.196.71 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/template/news/mip02/static/css/base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 20:52:00 GMT
Last-Modified
Fri, 23 Aug 2019 03:57:58 GMT
Server
nginx
ETag
"5d5f6446-ad"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
173
Expires
Mon, 18 Dec 2023 20:52:00 GMT
v.png
always-app.xyz/template/news/mip02/static/images/ 		852 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://always-app.xyz/template/news/mip02/static/images/v.png
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/template/news/mip02/static/css/base.css
Protocol
HTTP/1.1
Server
198.2.196.71 , United States, ASN54600 (PEG-SV, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/template/news/mip02/static/css/base.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Sat, 18 Nov 2023 20:52:00 GMT
Last-Modified
Fri, 23 Aug 2019 03:58:00 GMT
Server
nginx
ETag
"5d5f6448-354"
Content-Type
image/png
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
852
Expires
Mon, 18 Dec 2023 20:52:00 GMT
matomo.php
1etu.com/ 		0
138 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://1etu.com/matomo.php?action_name=always-app.xyz%2F&idsite=7&rec=1&r=858851&h=10&m=52&s=0&url=http%3A%2F%2Falways-app.xyz%2Fcaptcha%2Fconstruction.php%3Ftried%3Dmhxmf9a9hdmp99f0d%26seen%3Deveryone%26europe%3Dslide&_id=a3c42281ee3206bb&_idn=1&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=wqeR7n&pf_net=252&pf_srv=22115&pf_tfr=1&uadata=%7B%7D
Requested by
Host: 1etu.com
URL: https://1etu.com/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.197.129.106 , United States, ASN32097 (WII, US),
Reverse DNS
termdot.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://always-app.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
http://always-app.xyz
date
Sat, 18 Nov 2023 20:52:01 GMT
strict-transport-security
max-age=31536000
access-control-allow-credentials
true
server
nginx
loading-logo.png
k8game.io/img/ Frame 922E 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k8game.io/img/loading-logo.png
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=8777
content-disposition
inline; filename="loading-logo.webp"
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-2249"
vary
Accept
x-frame-options
ON
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
828318432f13d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:01 GMT
yunwei.js
k8game.io/saconfig/secure/ Frame 922E 		676 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/saconfig/secure/yunwei.js?5667803
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 16 Nov 2023 05:31:47 GMT
server
cloudflare
etag
W/"6555a943-2a4"
x-frame-options
ON
content-type
application/javascript
access-control-allow-origin
*
cf-ray
828318437f95d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
loading-animation.png
k8game.io/img/ Frame 922E 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k8game.io/img/loading-animation.png?v=20220516
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
cf-polished
origSize=28558, status=webp_bigger
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-6f8e"
vary
Accept-Encoding
x-frame-options
ON
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
828318437f98d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:01 GMT
3s_web_detect.js
k8game.io/cdn/34dtfrFM/static/saconfig/secure/ Frame 922E 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=e9527c&module=frontend_web&v=20220401
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:01 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-b17d"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
828318454a20d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:01 GMT
matomo.php
1etu.com/ 		0
138 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://1etu.com/matomo.php?action_name=always-app.xyz%2F%E3%80%90%E2%9D%A4%EF%B8%8Fpartido%20del%20liverpool%20en%20la%20champions%E2%9D%A4%EF%B8%8F%20smn%20santa%20rosa%20pronostico%20san%20nicolas%20de%20los%20arroyos%E3%80%91%20%E3%80%90%E2%9A%A1partido%20del%20liverpool%20en%20la%20champions%E2%9A%A1%20smn%20santa%20rosa%20pronostico%20san%20nicolas%20de%20los%20arroyos%E3%80%91%20%E3%80%90%F0%9F%92%B2partido%20del%20liverpool%20en%20la%20champions%F0%9F%92%B2%20smn%20santa%20rosa%20pronostico%20san%20nicolas%20de%20los%20arroyos%E3%80%91%20%F0%9F%92%B2partido%20del%20liverpool%20en%20la%20champions%F0%9F%92%B2%20smn%20santa%20rosa%20pronostico%20san%20nicolas%20de%20los%20arroyos%20partido%20boca%20en%20vivo%20espn%20always-app.xyz&idsite=7&rec=1&r=107974&h=10&m=52&s=1&url=http%3A%2F%2Falways-app.xyz%2Fcaptcha%2Fconstruction.php%3Ftried%3Dmhxmf9a9hdmp99f0d%26seen%3Deveryone%26europe%3Dslide&_id=a3c42281ee3206bb&_idn=0&send_image=0&_refts=0&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=Lnjv9Q&pf_net=252&pf_srv=22115&pf_tfr=1&uadata=%7B%7D
Requested by
Host: 1etu.com
URL: https://1etu.com/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.197.129.106 , United States, ASN32097 (WII, US),
Reverse DNS
termdot.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
http://always-app.xyz/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
http://always-app.xyz
date
Sat, 18 Nov 2023 20:52:02 GMT
strict-transport-security
max-age=31536000
access-control-allow-credentials
true
server
nginx
matomo.js
1etu.com/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://1etu.com/matomo.js
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.197.129.106 , United States, ASN32097 (WII, US),
Reverse DNS
termdot.com
Software
nginx /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
http://always-app.xyz/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
public
date
Sat, 18 Nov 2023 20:52:01 GMT
content-encoding
gzip
last-modified
Fri, 25 Aug 2023 09:56:23 GMT
server
nginx
etag
W/"64e87ac7-10132"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600, public
expires
Sat, 18 Nov 2023 21:52:01 GMT
chunk-libs.c66bc36b.css
k8game.io/cdn/34dtfrFM/static/css/ Frame 922E 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/css/chunk-libs.c66bc36b.css
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-38c5"
vary
Accept-Encoding
x-frame-options
ON
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
828318479dbad9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:02 GMT
app.9b0aa801.css
k8game.io/cdn/34dtfrFM/static/css/ Frame 922E 		363 KB
70 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/css/app.9b0aa801.css
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=371890
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-5acb2"
vary
Accept-Encoding
x-frame-options
ON
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
828318479dbed9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:02 GMT
runtime.7b287dfa.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-360e"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
828318479dc2d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:02 GMT
chunk-libs.4004cbdd.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		1 MB
379 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/js/chunk-libs.4004cbdd.js
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=1214515
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-128833"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
828318479dc6d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:02 GMT
app.fb283c9f.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		1 MB
295 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/js/app.fb283c9f.js
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:03 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-127c82"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
828318479dc9d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:02 GMT
gtm.js
www.googletagmanager.com/ Frame 922E 		219 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5K3SKXN
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73676
x-xss-protection
0
last-modified
Sat, 18 Nov 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 18 Nov 2023 20:52:02 GMT
dx65f6m0
widget.intercom.io/widget/ Frame 922E 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widget.intercom.io/widget/dx65f6m0
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-59.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
DFWv45qYo9qpoNNvnim0iMficGj2Z9vI
content-encoding
gzip
via
1.1 2da8dd4c67461e73843e03d8fb933e64.cloudfront.net (CloudFront)
date
Sat, 18 Nov 2023 20:31:31 GMT
x-amz-cf-pop
CMH68-P2
age
1283
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
2705
last-modified
Fri, 17 Nov 2023 12:45:06 GMT
server
AmazonS3
etag
"c5383fa331ec2fb9709b54e178c7ffd4"
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
cache-control
max-age=900, s-maxage=900, public
accept-ranges
bytes
x-amz-cf-id
sHQEShN5yhXzzOx5uKFCmBUYuOiyuAQffaSMfRWpB432A8eTMsjIlw==
api.js
www.google.com/recaptcha/ Frame 922E 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:81d::2004 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Sat, 18 Nov 2023 20:52:02 GMT
hotjar-3636929.js
static.hotjar.com/c/ Frame 922E 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-3636929.js?sv=6
Requested by
Host: k8game.io
URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.106.126 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-106-126.jfk50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=2592000; includeSubDomains
content-encoding
br
x-content-type-options
nosniff
date
Sat, 18 Nov 2023 20:52:02 GMT
via
1.1 54798bbc2ce3e33c706761634ac87e48.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P3
age
12
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
etag
W/31e0a2ba488c410b026a2dd90736a184
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
cache-control
max-age=60
x-amz-cf-id
S9JK9LK6l2mj78Jb6hyI-gTfly8vrUj2YNhNJa1anOgDTvhhQqsYPg==
recaptcha__en.js
www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/ Frame 922E 		465 KB
187 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/-QbJqHfGOUB8nuVRLvzFLVed/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:822::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://k8game.io/
Origin
https://k8game.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 09:32:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
40782
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
190682
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 05:42:11 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sun, 17 Nov 2024 09:32:20 GMT
modules.78e2d84033035343416f.js
script.hotjar.com/ Frame 922E 		225 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.78e2d84033035343416f.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3636929.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.164.96.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-164-96-46.jfk50.r.cloudfront.net
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 13:20:06 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=2592000; includeSubDomains
via
1.1 53a1f042d35b1ad7e45dd18908041b36.cloudfront.net (CloudFront)
x-amz-cf-pop
JFK50-P5
age
199916
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
57067
last-modified
Thu, 16 Nov 2023 13:19:14 GMT
etag
"7b69405e970c278e52f057627811a838"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
DgbX2rM6ltIG0H-EEyCZqYm_A3VzfBIT8e6y9aOvQs9V_f0rvNqf2A==
frame-modern.e128bf6a.js
js.intercomcdn.com/ Frame 65AB 		513 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/frame-modern.e128bf6a.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/dx65f6m0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-16.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
bxPy0N85GvKf.eRlOLVZeTabeXzBKF0s
content-encoding
gzip
via
1.1 dfadeb49b0e79d8ca3251c51b8dc6acc.cloudfront.net (CloudFront)
date
Sat, 18 Nov 2023 20:45:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
CMH68-P2
age
412
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
144832
last-modified
Fri, 17 Nov 2023 12:42:44 GMT
server
AmazonS3
etag
"c7761a8867bd903a362109fe3d207d33"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
qT0RqxXQIu297Z8F2fNLKY6dWhztYJOaGKjAovEKDRTWYiwkrLarqQ==
vendor-modern.39b0b15a.js
js.intercomcdn.com/ Frame 65AB 		426 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.intercomcdn.com/vendor-modern.39b0b15a.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/dx65f6m0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.156.184.16 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-156-184-16.cmh68.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

x-amz-version-id
mGzxzzETRqhXXHiYJCH1MEbFxhCW3m45
content-encoding
gzip
via
1.1 dfadeb49b0e79d8ca3251c51b8dc6acc.cloudfront.net (CloudFront)
date
Sat, 18 Nov 2023 20:07:47 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-amz-cf-pop
CMH68-P2
age
2656
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
133793
last-modified
Wed, 15 Nov 2023 16:54:07 GMT
server
AmazonS3
etag
"c3d7c800929ac60bd7338a4bf9c3f40b"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=31536000, s-maxage=7200, public
accept-ranges
bytes
x-amz-cf-id
q9tV2w4BRp4y3JuSDwV28ZzXyqvORxRnVn56_7ceuV_sCFa3j1K1Rw==
NotoSans-Regular.b98743c6.woff2
k8game.io/cdn/34dtfrFM/static/fonts/ Frame 922E 		177 KB
177 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/fonts/NotoSans-Regular.b98743c6.woff2
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/css/app.9b0aa801.css
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

Referer
https://k8game.io/cdn/34dtfrFM/static/css/app.9b0aa801.css
Origin
https://k8game.io
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:02 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
content-length
180932
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
"65549c66-2c2c4"
x-frame-options
ON
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=16070400
accept-ranges
bytes
cf-ray
8283184a8abed9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:02 GMT
js
www.googletagmanager.com/gtag/ Frame 922E 		272 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JRN9RZ04R1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K3SKXN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4006:823::2008 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92501
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 18 Nov 2023 20:52:02 GMT
/
sdk.optimove.net/websdk/ Frame 922E 		153 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sdk.optimove.net/websdk/?tenant_id=1025&tenant_token=9d3c1217674c4361b740df995323bd29
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5K3SKXN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:02 GMT
content-encoding
gzip
x-cdn
Imperva
etag
W/"26583-gEpKgmazuuAjmWy52k4Kb1vidy8"
content-type
text/javascript; charset=utf-8
x-iinfo
13-178529053-0 0CNN RT(1700340722041 58) q(0 -1 -1 -1) r(1 -1)
cache-control
max-age=2369, public, no-transform
x-incap-sess-cookie-hdr
bBoHVYJ11XedWaGqimAecPIjWWUAAAAAXQOTFto4VXwEEsfb4/CYxw==
content-length
24622
expires
Sat, 18 Nov 2023 21:31:31 GMT
matomo.js
cdn.matomo.cloud/k8.matomo.cloud/ Frame 922E 		199 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.matomo.cloud/k8.matomo.cloud/matomo.js
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f7:9400:c:7d55:b3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 18:03:11 GMT
x-amz-version-id
2a5ms9BS3WWa3zjNxvwjsa3POpqGRXAu
content-encoding
gzip
strict-transport-security
max-age=31536000
via
1.1 b7f97186b1999ddac2896624abb211e4.cloudfront.net (CloudFront)
x-amz-cf-pop
CMH68-P1
age
10132
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 02 Nov 2023 04:56:53 GMT
server
CloudFront
etag
W/"ac6976c577d35263e75c996234e0088a"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=691200
x-amz-cf-id
C1BLXvNtHEgl4irtHLTQwwsMHUyo63UXBEVp6re7dsN6457a4jo6Yg==
ld.js
dynamic.criteo.com/js/ld/ Frame 922E 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=109111
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::f , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:02 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
/
sdkuaservice.optimove.net/ Frame 922E 		414 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sdkuaservice.optimove.net/
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=e9527c&module=frontend_web&v=20220401
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.240.186 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.240.102.34.bc.googleusercontent.com
Software
/ Express
Resource Hash

Request headers

Referer
https://k8game.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=utf-8

Response headers

access-control-allow-origin
*
date
Sat, 18 Nov 2023 20:52:04 GMT
via
1.1 google
x-powered-by
Express
content-length
414
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
optimove-web-bundle.js
static.app.delivery/sdks/web/ Frame 922E 		131 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://static.app.delivery/sdks/web/optimove-web-bundle.js
Requested by
Host: sdk.optimove.net
URL: https://sdk.optimove.net/websdk/?tenant_id=1025&tenant_token=9d3c1217674c4361b740df995323bd29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:890 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2146
content-encoding
br
last-modified
Wed, 15 Nov 2023 16:10:21 GMT
server
cloudflare
etag
W/"6554ed6d-20aa3"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIgVQvMDoZKH%2FOH9Aq8YTnC6qHiIxTiDZL07WiPeg8E8KxF9DW%2BYJxKiWS6TOrXwpbt9QiN9wZmsfBEr72tEn4yO6jtTbP3Jh7hQ6%2FBznv%2B1VRhU7Pmni8TFhoRhbeo1YL%2FwbvqJBJYVQ1M%2FRbFpVM4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=3600
cf-ray
8283185a0b44db29-MIA
expires
Sat, 18 Nov 2023 21:16:18 GMT
/
stream-1025.optimove.net/ Frame 922E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stream-1025.optimove.net/
Requested by
Host: sdk.optimove.net
URL: https://sdk.optimove.net/websdk/?tenant_id=1025&tenant_token=9d3c1217674c4361b740df995323bd29
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/ Express
Resource Hash

Request headers

Accept
application/json
Referer
https://k8game.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
X-Request-ID
ac4e2a5b-da3f-45d0-b825-dfa9fa388370
Content-Type
application/json

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
via
1.1 google
content-encoding
gzip
x-cdn
Imperva
x-powered-by
Express
etag
W/"31-gmgjVIacL2XESDvuYUa7018M5Q0"
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-iinfo
12-151031302-151030374 PNYN RT(1700340722581 1971) q(0 0 0 -1) r(1 1) U6
x-incap-sess-cookie-hdr
ssqnYRdmihhYW6GqimAecPQjWWUAAAAAnP9s6ktFVAre4iYGy4WaQA==
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
Primary Request /
k8.io/
Redirect Chain
  • https://3ae.jp/i3Wlg
  • https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
Requested by
Host: always-app.xyz
URL: http://always-app.xyz/captcha/construction.php?tried=mhxmf9a9hdmp99f0d&seen=everyone&europe=slide
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.49 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

Referer
http://always-app.xyz/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

access-control-allow-headers
*
access-control-allow-method
*
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-ray
8283185c38ec5c63-MIA
content-encoding
br
content-type
text/html
date
Sat, 18 Nov 2023 20:52:05 GMT
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
strict-transport-security
max-age=15552000; includeSubDomains; preload
vary
Accept-Encoding
x-frame-options
ON

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8283185a7c48336d-MIA
content-type
text/html; charset=UTF-8
date
Sat, 18 Nov 2023 20:52:05 GMT
location
https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9T2xQ9PMLNoIE2TPWsa7rZRVuiaI7OCDK2Sr6Ai2dQhmQO8MhoCm8IpSzoZMqh9F2kYaq%2FGbRSJcgrHQv02Su9CTcg2nfjNj6lYfWMuDbAV0IwacGUum97bgek%2F8ZLqsrWNLtzQ%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
matomo.php
k8.matomo.cloud/ Frame 922E 		0
171 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://k8.matomo.cloud/matomo.php?action_name=k8game.io%2FTop%20of%20world%20Crypto%20Gambling%20-%20K8&idsite=1&rec=1&r=285077&h=10&m=52&s=3&url=https%3A%2F%2Fk8game.io%2Fvip-reg%3Finvite%3Dk8es%26gtab%3DVIP64%26modal%3Dregister%26tab%3Daccount&urlref=http%3A%2F%2Falways-app.xyz%2F&_id=1102e57d33391dd2&_idn=1&send_image=0&_refts=1700340723&_ref=http%3A%2F%2Falways-app.xyz%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=FU2hEI&pf_net=88&pf_srv=286&pf_tfr=7&pf_dm1=366&pf_dm2=312&pf_onl=0&uadata=%7B%7D
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/k8.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Referer
https://k8game.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://k8game.io
date
Sat, 18 Nov 2023 20:52:04 GMT
access-control-allow-credentials
true
server
Apache
vary
Origin,X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
syncframe
gum.criteo.com/ Frame 17E6 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=always-app.xyz&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=109111
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://k8game.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 18 Nov 2023 20:52:04 GMT
server
Kestrel
server-processing-duration-in-ticks
331179
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
matomo.php
k8.matomo.cloud/ Frame 922E 		0
170 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://k8.matomo.cloud/matomo.php?action_name=k8game.io%2FTop%20of%20world%20Crypto%20Gambling%20-%20K8&idsite=1&rec=1&r=362918&h=10&m=52&s=3&url=https%3A%2F%2Fk8game.io%2Fvip-reg%3Finvite%3Dk8es%26gtab%3DVIP64%26modal%3Dregister%26tab%3Daccount&urlref=http%3A%2F%2Falways-app.xyz%2F&_id=2c5a91cdd68e76f7&_idn=1&send_image=0&_refts=1700340723&_ref=http%3A%2F%2Falways-app.xyz%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=ftbzUR&pf_net=88&pf_srv=286&pf_tfr=7&pf_dm1=366&pf_dm2=312&pf_onl=0&uadata=%7B%7D
Requested by
Host: cdn.matomo.cloud
URL: https://cdn.matomo.cloud/k8.matomo.cloud/matomo.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.126.133.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-133-169.eu-central-1.compute.amazonaws.com
Software
Apache /
Resource Hash

Request headers

Referer
https://k8game.io/
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

access-control-allow-origin
https://k8game.io
date
Sat, 18 Nov 2023 20:52:04 GMT
access-control-allow-credentials
true
server
Apache
vary
Origin,X-Forwarded-Port-Override,X-Forwarded-Proto-Override,User-Agent
/
stream-1025.optimove.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://stream-1025.optimove.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.133.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.133.121.ip.incapdns.net
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-request-id
Access-Control-Request-Method
POST
Origin
https://k8game.io
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-headers
content-type,x-request-id
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
*
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Sat, 18 Nov 2023 20:52:04 GMT
vary
Access-Control-Request-Headers
via
1.1 google
x-cdn
Imperva
x-iinfo
12-151031302-151030374 PNNN RT(1700340722581 1817) q(0 0 0 -1) r(2 2) U6
x-incap-sess-cookie-hdr
89k7V4XVomZYW6GqimAecPQjWWUAAAAAQY7lAG6zGtXT44ls+RRxuw==
x-powered-by
Express
truncated
/ Frame 922E 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 922E 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 922E 		6 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 922E 		4 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash

Request headers

accept-language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
chunk-commons.80d8ffa1.css
k8game.io/cdn/34dtfrFM/static/css/ Frame 922E 		57 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/css/chunk-commons.80d8ffa1.css
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=58301
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-e3bd"
vary
Accept-Encoding
x-frame-options
ON
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
82831859a8f0d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:04 GMT
chunk-commons.1b8f784b.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		71 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/js/chunk-commons.1b8f784b.js
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-11bc4"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
82831859a8f2d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:05 GMT
chunk-72a25d66.54015f64.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		115 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/js/chunk-72a25d66.54015f64.js
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-1cdd4"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
82831859a8f5d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:04 GMT
chunk-04c6b875.90b0d5bb.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		0
0
chunk-7fd160ba.5dd4f581.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		790 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/js/chunk-7fd160ba.5dd4f581.js
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=809697
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-c5ae1"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
82831859a8f7d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:04 GMT
vipReg.89b081f6.css
k8game.io/cdn/34dtfrFM/static/css/ Frame 922E 		35 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/css/vipReg.89b081f6.css
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:04 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=35386
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-8a3a"
vary
Accept-Encoding
x-frame-options
ON
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
82831859b90ed9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:04 GMT
vipReg.ce44b5d1.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		60 KB
0 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/js/vipReg.ce44b5d1.js
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-ee23"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
82831859b90fd9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:05 GMT
chunk-8c39b936.3af58725.css
k8game.io/cdn/34dtfrFM/static/css/ Frame 922E 		12 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/css/chunk-8c39b936.3af58725.css
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-30a5"
vary
Accept-Encoding
x-frame-options
ON
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
8283185d0e1ed9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:05 GMT
chunk-8c39b936.ee18dc5f.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/js/chunk-8c39b936.ee18dc5f.js
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-6f41"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
8283185d0e2cd9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:05 GMT
chunk-892a081c.e6525b58.css
k8game.io/cdn/34dtfrFM/static/css/ Frame 922E 		0
0
chunk-892a081c.29613836.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		0
0
chunk-4e9a1ca2.a29965d7.css
k8game.io/cdn/34dtfrFM/static/css/ Frame 922E 		1 KB
465 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/css/chunk-4e9a1ca2.a29965d7.css
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-437"
vary
Accept-Encoding
x-frame-options
ON
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
8283185d0e27d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:05 GMT
chunk-4e9a1ca2.efb8da94.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		2 KB
724 B 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/js/chunk-4e9a1ca2.efb8da94.js
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-752"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
8283185d0e2fd9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:05 GMT
chunk-2afbab4d.03e4eb4b.css
k8game.io/cdn/34dtfrFM/static/css/ Frame 922E 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/css/chunk-2afbab4d.03e4eb4b.css
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-polished
origSize=5686
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-1636"
vary
Accept-Encoding
x-frame-options
ON
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
8283185d0e28d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:05 GMT
chunk-2afbab4d.622f25b3.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/js/chunk-2afbab4d.622f25b3.js
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-1aea"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
8283185d0e30d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:05 GMT
chunk-48155360.4638ae64.css
k8game.io/cdn/34dtfrFM/static/css/ Frame 922E 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/css/chunk-48155360.4638ae64.css
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-9ac"
vary
Accept-Encoding
x-frame-options
ON
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
8283185d0e2ad9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:05 GMT
chunk-48155360.c5e77c74.js
k8game.io/cdn/34dtfrFM/static/js/ Frame 922E 		903 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://k8game.io/cdn/34dtfrFM/static/js/chunk-48155360.c5e77c74.js
Requested by
Host: k8game.io
URL: https://k8game.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:4400::6812:2a31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-387"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
8283185d0e32d9dd-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:05 GMT
jsencrypt.js
k8game.io/cdn/34dtfrFM/static/saconfig/secure/ Frame 922E 		0
0
paho-mqtt.js
k8game.io/cdn/34dtfrFM/static/saconfig/secure/ Frame 922E 		0
0
ping
api-iam.intercom.io/messenger/web/ Frame 65AB 		0
0
query
k8game.io/_api_/cms/v1/seo/web/ Frame 922E 		0
0
queryActivityConstants
k8game.io/_api_/throne-api/activity/ Frame 922E 		0
0
json
gum.criteo.com/sid/ Frame 17E6 		0
0
json_version_list.json
k-img.picimgfield.com/live/json/ Frame 922E 		0
0
checkIp
k8game.io/_api_/api/v1/common/ Frame 922E 		0
0
config
k8game.io/_api_/api/v1/common/ Frame 922E 		0
0
loading.08b0308b.png
k8game.io/cdn/34dtfrFM/static/img/ Frame 922E 		0
0
reportEvent
realtime-1025.optimove.net/ Frame 		0
0
reportEvent
realtime-1025.optimove.net/ Frame 922E 		0
0
iev
csm.va.us.criteo.net/ Frame 17E6 		0
0
iex
csm.va.us.criteo.net/ Frame 17E6 		0
0
loading-logo.png
k8.io/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k8.io/img/loading-logo.png
Requested by
Host: k8.io
URL: https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.49 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
cf-polished
origFmt=png, origSize=8777
content-disposition
inline; filename="loading-logo.webp"
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-2249"
vary
Accept
x-frame-options
ON
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
82831860c9ac5c63-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:06 GMT
yunwei.js
k8.io/saconfig/secure/ 		676 B
615 B 		Script
General
Check archive.org
Download Go to
Full URL
https://k8.io/saconfig/secure/yunwei.js?5667803
Requested by
Host: k8.io
URL: https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.49 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Thu, 16 Nov 2023 05:31:47 GMT
server
cloudflare
etag
W/"6555a943-2a4"
x-frame-options
ON
content-type
application/javascript
access-control-allow-origin
*
cf-ray
82831860f9fe5c63-MIA
access-control-allow-headers
*
access-control-allow-method
*
loading-animation.png
k8.io/img/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://k8.io/img/loading-animation.png?v=20220516
Requested by
Host: k8.io
URL: https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.49 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:05 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
cf-cache-status
HIT
age
4346
cf-polished
origSize=28558, status=webp_bigger
cf-bgj
imgq:100,h2pri
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-6f8e"
vary
Accept-Encoding
x-frame-options
ON
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
828318611a2b5c63-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:05 GMT
3s_web_detect.js
k8.io/cdn/34dtfrFM/static/saconfig/secure/ 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://k8.io/cdn/34dtfrFM/static/saconfig/secure/3s_web_detect.js?product=e9527c&module=frontend_web&v=20220401
Requested by
Host: k8.io
URL: https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.18.42.49 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Frame-Options ON

Request headers

accept-language
en-US,en;q=0.9
Referer
https://k8.io/?invite=esk8club&Guge=VIP69&Welcome&modal=register&tab=account
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Sat, 18 Nov 2023 20:52:06 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
br
cf-cache-status
HIT
age
4420
cf-bgj
minify
last-modified
Wed, 15 Nov 2023 10:24:38 GMT
server
cloudflare
etag
W/"65549c66-b17d"
x-frame-options
ON
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=16070400
cf-ray
82831863afa75c63-MIA
access-control-allow-headers
*
access-control-allow-method
*
expires
Wed, 22 May 2024 20:52:06 GMT
chunk-libs.c66bc36b.css
k8.io/cdn/34dtfrFM/static/css/ 		0
0
app.9b0aa801.css
k8.io/cdn/34dtfrFM/static/css/ 		0
0
runtime.7b287dfa.js
k8.io/cdn/34dtfrFM/static/js/ 		0
0
chunk-libs.4004cbdd.js
k8.io/cdn/34dtfrFM/static/js/ 		0
0
app.fb283c9f.js
k8.io/cdn/34dtfrFM/static/js/ 		0
0
gtm.js
www.googletagmanager.com/ 		0
0
dx65f6m0
widget.intercom.io/widget/ 		0
0
api.js
www.google.com/recaptcha/ 		0
0
hotjar-3636929.js
static.hotjar.com/c/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
k8game.io
URL
https://k8game.io/cdn/34dtfrFM/static/js/chunk-04c6b875.90b0d5bb.js
Domain
k8game.io
URL
https://k8game.io/cdn/34dtfrFM/static/css/chunk-892a081c.e6525b58.css
Domain
k8game.io
URL
https://k8game.io/cdn/34dtfrFM/static/js/chunk-892a081c.29613836.js
Domain
k8game.io
URL
https://k8game.io/cdn/34dtfrFM/static/saconfig/secure/jsencrypt.js
Domain
k8game.io
URL
https://k8game.io/cdn/34dtfrFM/static/saconfig/secure/paho-mqtt.js
Domain
api-iam.intercom.io
URL
https://api-iam.intercom.io/messenger/web/ping
Domain
k8game.io
URL
https://k8game.io/_api_/cms/v1/seo/web/query
Domain
k8game.io
URL
https://k8game.io/_api_/throne-api/activity/queryActivityConstants
Domain
gum.criteo.com
URL
https://gum.criteo.com/sid/json?origin=onetag&domain=k8game.io&sn=ChromeSyncframe&so=0&topUrl=always-app.xyz&lsw=1&topicsavail=0&fledgeavail=0
Domain
k-img.picimgfield.com
URL
https://k-img.picimgfield.com/live/json/json_version_list.json?v=1700340725735
Domain
k8game.io
URL
https://k8game.io/_api_/api/v1/common/checkIp
Domain
k8game.io
URL
https://k8game.io/_api_/api/v1/common/config
Domain
k8game.io
URL
https://k8game.io/cdn/34dtfrFM/static/img/loading.08b0308b.png
Domain
realtime-1025.optimove.net
URL
https://realtime-1025.optimove.net/reportEvent
Domain
realtime-1025.optimove.net
URL
https://realtime-1025.optimove.net/reportEvent
Domain
csm.va.us.criteo.net
URL
https://csm.va.us.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1
Domain
csm.va.us.criteo.net
URL
https://csm.va.us.criteo.net/iex?gPath=Gum.ChromeSyncframe.SidReadError&msg=Failed%20to%20fetch&tag=Gum&tag=ChromeSyncframe&tag=SidReadError
Domain
k8.io
URL
https://k8.io/cdn/34dtfrFM/static/css/chunk-libs.c66bc36b.css
Domain
k8.io
URL
https://k8.io/cdn/34dtfrFM/static/css/app.9b0aa801.css
Domain
k8.io
URL
https://k8.io/cdn/34dtfrFM/static/js/runtime.7b287dfa.js
Domain
k8.io
URL
https://k8.io/cdn/34dtfrFM/static/js/chunk-libs.4004cbdd.js
Domain
k8.io
URL
https://k8.io/cdn/34dtfrFM/static/js/app.fb283c9f.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-5K3SKXN
Domain
widget.intercom.io
URL
https://widget.intercom.io/widget/dx65f6m0
Domain
www.google.com
URL
https://www.google.com/recaptcha/api.js?render=explicit
Domain
static.hotjar.com
URL
https://static.hotjar.com/c/hotjar-3636929.js?sv=6

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Cookies

2 Console Messages

Source Level URL
Text
other error URL: https://k8game.io/vip-reg?invite=k8es&gtab=VIP64&modal=register&tab=account
Message:
Invalid 'X-Frame-Options' header encountered when loading 'https://k8game.io/': 'ON' is not a recognized directive. The header will be ignored.
network error URL: https://ziyuan.baidu.com/image.gif
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1etu.com
3ae.jp
always-app.xyz
api-iam.intercom.io
assets.vegasslotsonline.com
c.mipcdn.com
cdn.matomo.cloud
csm.va.us.criteo.net
dynamic.criteo.com
gum.criteo.com
js.intercomcdn.com
k-img.picimgfield.com
k8.io
k8.matomo.cloud
k8game.io
realtime-1025.optimove.net
script.hotjar.com
sdk.optimove.net
sdkuaservice.optimove.net
static.app.delivery
static.hotjar.com
stream-1025.optimove.net
support.bestk8.sbs
widget.intercom.io
www.baidu.com
www.google.com
www.googletagmanager.com
www.gstatic.com
ziyuan.baidu.com
api-iam.intercom.io
csm.va.us.criteo.net
gum.criteo.com
k-img.picimgfield.com
k8.io
k8game.io
realtime-1025.optimove.net
static.hotjar.com
widget.intercom.io
www.google.com
www.googletagmanager.com
104.18.42.49
104.193.88.102
104.193.88.123
107.154.133.121
108.138.106.126
108.156.184.16
108.156.184.59
18.164.96.46
182.61.201.92
198.2.196.71
2600:9000:24f7:9400:c:7d55:b3c0:93a1
2606:4700:10::6816:37d4
2606:4700:20::681a:890
2606:4700:3031::ac43:a761
2606:4700:4400::6812:2a31
2607:f8b0:4006:81d::2004
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2008
2620:100:a001::c
2620:100:a001::f
3.126.133.169
34.102.240.186
69.197.129.106
176d387bc8a12408c598bf0066e9357ee239803697f2eea223f2616ad3836a56
4c9b5c6ae97fb11a8ad62f95f66a312007c0132ccdaebea4bb90607ef1f9cee4
66514d7a19ec600d7367e8040f65c57122af58f0e6889d663d356b0ddc71ba77
ac3320cd6903305d4171e856935afcaf5849f097ea9a90270cc76b9f9c1d6f1f
c13aeda06adfd333abbfa4843ed8424fc39302343f1ec411715984dc823e98df
e351aad80990ab09a14a7e4d32ce44f8e628ed0b782c4894419307d1d6edd638