m.gk1st.com Open in urlscan Pro
172.67.133.232 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://m.gk1st.com/
Submission: On March 28 via api (March 28th 2024, 4:48:42 pm UTC) from US — Scanned from US

Summary HTTP 38 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 6 domains to perform 38 HTTP transactions. The main IP is 172.67.133.232, located in United States and belongs to CLOUDFLARENET, US. The main domain is m.gk1st.com.
TLS certificate: Issued by GTS CA 1P5 on March 20th 2024. Valid for: 3 months.

This is the only time m.gk1st.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	172.67.133.232 172.67.133.232	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	142.250.72.106 142.250.72.106	15169 (GOOGLE) (GOOGLE)
5	142.251.40.195 142.251.40.195	15169 (GOOGLE) (GOOGLE)
1	151.101.193.229 151.101.193.229	54113 (FASTLY) (FASTLY)
5	172.67.208.106 172.67.208.106	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
5	2606:4700:303... 2606:4700:3032::6815:1713	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:303... 2606:4700:3035::ac43:ae06	13335 (CLOUDFLAR...) (CLOUDFLARENET)
38	8

16 172.67.133.232 (United States)

ASN13335 (CLOUDFLARENET, US)

m.gk1st.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.72.106 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.251.40.195 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga34s38-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.193.229 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.67.208.106 (United States)

ASN13335 (CLOUDFLARENET, US)

api-prod-gkv2.g2ee.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3032::6815:1713 (United States)

ASN13335 (CLOUDFLARENET, US)

api-prod-gkv2.g2ee.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3035::ac43:ae06 (United States)

ASN13335 (CLOUDFLARENET, US)

file.auto888.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	gk1st.com m.gk1st.com	386 KB
10	g2ee.io api-prod-gkv2.g2ee.io	6 KB
5	gstatic.com fonts.gstatic.com	52 KB
3	auto888.cloud file.auto888.cloud	108 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 310	449 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35	2 KB
38	6

	Domain	Requested by
16	m.gk1st.com	m.gk1st.com
10	api-prod-gkv2.g2ee.io	m.gk1st.com
5	fonts.gstatic.com	fonts.googleapis.com
3	file.auto888.cloud
2	cdn.jsdelivr.net	m.gk1st.com cdn.jsdelivr.net
2	fonts.googleapis.com	m.gk1st.com
38	6

This site contains no links.

Subject Issuer	Validity	Valid
gk1st.com GTS CA 1P5	`2024-03-20` - `2024-06-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-26` - `2024-05-20`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-27` - `2024-10-28`	a year	crt.sh
g2ee.io E1	`2024-02-14` - `2024-05-14`	3 months	crt.sh
auto888.cloud GTS CA 1P5	`2024-02-23` - `2024-05-23`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://m.gk1st.com/
Frame ID: EAA108FF2C40F0A824BCCFD0C51CBFCC
Requests: 35 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

เข้าสู่ระบบ

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Nuxt.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

/_nuxt/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

38
Requests

100 %
HTTPS

38 %
IPv6

6
Domains

6
Subdomains

8
IPs

1
Countries

1003 kB
Transfer

2707 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

38 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
m.gk1st.com/ 3 KB
2 KB 435ms
69ms Document
text/html 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce2259a61dc0f351782d96f270e6b15d31153a3068254b99de2e07d1e52ae57d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
accept-language: en-US,en;q=0.9
sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

age: 16579
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86b91bbfaba50f64-EWR
content-encoding: br
content-type: text/html
date: Thu, 28 Mar 2024 16:48:33 GMT
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C9EGCzVc8lQkwVgK1SdQWtpFVhtXxLML%2Fw57Ap%2FiNpzZRAwHzAox7RvZBaqlBtTTEB5LbJIaZ3Vyny3oPgzVVOpOK8zhcODEw%2BuGZ8b8fCNBdDJQ5fwYdDVtpwQ54w%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
via: 1.1 a034e5b3e703810e3023d56d31897ebc.cloudfront.net (CloudFront)
x-amz-cf-id: GtPIIYAHctqyNJOLItwuhskDlrxiBwDAf8k3JvS3ASyG98QcZs2dew==
x-amz-cf-pop: EWR53-P1
x-cache: Hit from cloudfront

GET
H2 200 css2
fonts.googleapis.com/ 23 KB
1 KB 360ms
24ms Stylesheet
text/css 142.250.72.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Sarabun:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Requested by

Host: m.gk1st.com
URL: https://m.gk1st.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.106 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f10.1e100.net

Software

ESF /

Resource Hash

0ac6d066d8fba3b406b22ff8cde0b7a3b83239fb17e46f516cabd4bdb9f77472

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Mar 2024 16:48:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Mar 2024 16:41:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Mar 2024 16:48:33 GMT

GET
H2 200 dc6f1d1.js Show response
m.gk1st.com/_nuxt/ 3 KB
2 KB 608ms
598ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/_nuxt/dc6f1d1.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34687610a6a6f055f2782bec976665d041038710d45e966d31bca3f4247f7fed

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:33 GMT
via: 1.1 6a2d00c5c73022efc4bc2786f44b3cdc.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-c32"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uiZGq5vVvacKpfRAWLOdidKFEgZYTKLW%2B4pcv%2Fud8okUKaMxnw%2Bntuq5M1QanKoxl9WlqG7ejS2cYb1cj2UcKhSx6SWWMCEaizgmkBK169%2BpcXWcwe%2FoL8foJ3hgog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c3c0f64-EWR
x-amz-cf-id: 7pZY4gHRof0qPIJ_uwAMgmXGDLGa735lKRZxs45XoWZBKDdVZ6V6OA==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 6570120.js Show response
m.gk1st.com/_nuxt/ 253 KB
88 KB 1553ms
1544ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/_nuxt/6570120.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb2665546c6223c80122cd0a7d1770833dd8d244f7bd23c3e1de40573d8a900

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:34 GMT
via: 1.1 0812978283e8debc2d404f4a7b32d866.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-3f438"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=84wCuSfQyLd%2BFhf0%2FRyAFaoKNxZ3%2FvViMpcXbw2wYYIYx4HlBR56NTxHykOfYMU%2FM%2BYtUQjnGNgBbjPC0bEXvm5Z%2BsHHVG%2B9dFZKOtXL9u0PZh0nltmeRSQi3duxxA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c3e0f64-EWR
x-amz-cf-id: lpblSxMFkohYhlZKzHLiiANjYauMwCaK3UbwFimGxqRk2FqY6D0hmQ==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 6edfd15.js Show response
m.gk1st.com/_nuxt/ 668 KB
125 KB 1803ms
1794ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/_nuxt/6edfd15.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 96623c4b1995c3848f806a6238552f602c95f8bc26a3cb40402dd8185db0babc

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:35 GMT
via: 1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-a7098"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DO8Ha8HIFrguAVQbuWzqcVh5r8UvtwinK6%2FxKT4fArnYSwTw6mEUXCP%2B1wJ1%2FJV95PsiIXtpfeYSXoEgG6AD60k7PC4v5cPCwL7bOj0WWujS3wzdgsvdKv4ONIh5Gg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c3f0f64-EWR
x-amz-cf-id: 4XVo5uC52qYGk60gjBONKcwnbsVPwq8T2ZIzSZHz0x7FUhvG02CiDw==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 7774ac6.js Show response
m.gk1st.com/_nuxt/ 265 KB
24 KB 1561ms
1553ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/_nuxt/7774ac6.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80df8913ee7c9e90f9bd7559bc5530006726a82f527e46a35ebd9e002d67c259

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:34 GMT
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-422cf"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yPVNsxkoDmnGDR8TPnMFNblhyEYWgOtQJhQlFQfVI5AgvYV3xV8ERd7TCe0Dn18yqIsinqQrfpI9N4w4o23JgcaqVo6WwzS4IKZ4S9C9zFtagiY0p%2Fm4hHNrDTruJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c400f64-EWR
x-amz-cf-id: KPxU2093GMRliTPsZ9ehjEwWWvyxSFJiZIP2NGO4nofimLYO80gjqQ==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 jquery.min.js Show response
m.gk1st.com/assets/js/ 87 KB
32 KB 1064ms
1056ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/assets/js/jquery.min.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:34 GMT
via: 1.1 bf49d89d8a3c52a5998a7b465717a00e.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-15d9d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7CEci%2FZKeyWjMshlErfGR9HaHciikeBGk%2F9bRUEhYYDh4b0yEO%2BoVSmayiqSoLl1x3RXL36k6WEmcaqmaFLEVzZhaVEDReDniz9BGFj%2FrnCJNlnUfum3Nk3mWwxrw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c420f64-EWR
x-amz-cf-id: X6LBH-7MIw_PwTNuZHrrGiAB-8Pe0Pe6FvH-r4893Xx4fnevEyI-Jg==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 main.js Show response
m.gk1st.com/assets/js/ 14 KB
3 KB 831ms
823ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/assets/js/main.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7adf2b8245dc990e79ad46295954992c349c2cfea207aad5a54fa417cacd394d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:34 GMT
via: 1.1 3f65d34f6010e326e59d2f311de6e202.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-386b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IjCmq46gKJwAck%2FyV5uwnj2dzdQrWxf%2FWCQXaJs7PQWjckvBscTa7kcD8tY3vMWvqgaEwQOtaJ1EXBHTPxA9mCHEqbtcGztGKoUImvCf0mSLfUL8xSOPBWsNQDBn9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c430f64-EWR
x-amz-cf-id: BGzx0VMbhcUjYLoItjMZf9W6EaEbbImfbYrpW4AfXTRlT2uZXdhBTw==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 jquery.easing.js Show response
m.gk1st.com/assets/js/ 5 KB
1 KB 588ms
581ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/assets/js/jquery.easing.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fe58d74cb327f5e7e0a851fc0fa42fa8165bb1b3b1c6d2c3faa3fe3d3a9ac7c3

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:33 GMT
via: 1.1 79455aeea26d3c071fd96c3c1432669a.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-12ff"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=987qo4QeaDlHOub4wGlM8Dmp9as5dcY0ppmEZ9aauIEXHPMT3l9pb1VdkRstsUeoVoAikMK9eKPp4lUkUXElO6pgpva50W%2Fuqazo9FjCtrO%2Fo0hxTWKlxtcMH3C1oA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c440f64-EWR
x-amz-cf-id: SiwdaBYUEzLCnp6sHD6holriaewaTU5SCpxL-G2_o-YZKadDgRvCOQ==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 popper.min.js Show response
m.gk1st.com/assets/js/ 19 KB
7 KB 784ms
777ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/assets/js/popper.min.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5353f2b2a0fc4032834e44c622da9f519ca08b12252c849389fcf8fa60fe8c42

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:34 GMT
via: 1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-4acd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gk4PUuC4vv08O8h43%2B%2BQcP%2BkASz%2BQvbctwvkDZ4EviZda3XpYL8dM5m6ubIGlVJ049KF4oMAiQNfR1M7i5vUGvoSm02bucgzVw921Px8tUfrK2Y7fkiip2pd%2Bkgfiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c460f64-EWR
x-amz-cf-id: Pxq8MW1oaT6x_ysWvcHZpSlz2wSLy-JtxCdv68gQm0K-Z1niGiOXJw==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 bootstrap.min.js Show response
m.gk1st.com/assets/js/ 62 KB
16 KB 1052ms
1046ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/assets/js/bootstrap.min.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6e941e16d9f77d7bc0b68c25887e5c280281b84ae1f266a0ed20cabde59ff3e4

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:34 GMT
via: 1.1 c45a9630d6506aeeffefe81fbc0ed0ae.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-f7c6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gkkyc3D%2BmfgDt4wk5CfYpq2d91T%2FEPctvDZSe8UkdyhUEEgjY9LULRUZMz6ztfbQBc%2F3miIlSWq9qHOKNTkYEusRWOPZah0FAhos6sXTBXbzQl8TGdWa1ydyQAOIFA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c470f64-EWR
x-amz-cf-id: qxsX2-YyTdvDpmDVTFquKmdyelohaUrnSqNo2vDNvj9x2xOA4QKrjw==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 plugin.js Show response
m.gk1st.com/assets/js/ 56 KB
19 KB 999ms
992ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/assets/js/plugin.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6fb3828d815b81609b7782b2fc0d07bbc4fecc27ee6a40f0dab30763e859ea6d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:34 GMT
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-df91"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OOVgPVOUwxwa5afVIvz4dj1AwcTANsv2ylM1X4%2FR4MI5uAEHFrlKKEr0Gj0qx%2FnZ0vbbhJZpX5a2OX32va5VZ6yqf4m7Q4jL%2FHUThpLLc4RLv311yzKNg1%2B4IroYaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c490f64-EWR
x-amz-cf-id: 1xuY8WIrlGNp8jSYOGsUhEd2v8rsls-P85hhER5jUEG5LA5A60o0VQ==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 shortcodes.js Show response
m.gk1st.com/assets/js/ 18 KB
4 KB 817ms
810ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/assets/js/shortcodes.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 460f22bb76f26b14b56974371893568d9c45b147798fb635566a807dcb4bb450

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:34 GMT
via: 1.1 2c7d387775f2e52dd268d2f49202b5d2.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-47fc"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tQ8QMscQyBuKEyhwZs3FoIIOKs8OfNuIE%2ByRjwWhbAsKzfMSJ1UTloGw7oNVrUjHZM4SzAElnyaUU9ov44j0pL2eGzKXNohCceF2FlizPFW8DQAi9mzgiH3N%2FkT7%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c4a0f64-EWR
x-amz-cf-id: iDsz-n4HCsec-JQ8M9k25DIaP6nsIf-4QuJ8x_Ks_kVUGMh1rvHENw==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 swiper-bundle.min.js Show response
m.gk1st.com/assets/js/ 143 KB
39 KB 1315ms
1309ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/assets/js/swiper-bundle.min.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2193569c93a0ebdcf6c158c6bc1a365f7712e3c2e8ce036fdc6bd2a36e6f0e1c

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:34 GMT
via: 1.1 c4460641b6e6b194f0c11732a1b10d1c.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-23bc1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6OCxJ4PCHxJE%2FWLASQ6H1LlBxLCBip3m5gqVqJ70063sCW95yqYlZBaaGr2eyAsMCWdipue4yV8KnegEEZjpOO2%2BEyBkeGKTg%2FkMY1t15QW8nYrnEq68Xy9JUJAcIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bc03c4b0f64-EWR
x-amz-cf-id: bbGvDf106h7tgbyxedZqz8YBYKoLGu-AiUQwlR0GBKzx3CtBhh9Ukw==
expires: Fri, 28 Mar 2025 16:48:33 GMT

GET
H2 200 7e9566d.js Show response
m.gk1st.com/_nuxt/ 302 B
685 B 289ms
275ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/_nuxt/7e9566d.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/dc6f1d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58336f3cb891d91f16948a2dc1bf9ed14dabd457d2f210934889e38139a772b7

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:35 GMT
via: 1.1 13f845dfc86f469c48ead16a985011ba.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-12e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LxJJbbONsRzJ%2BlSEr675ZPvK8YhXcDNgjRanHRG%2BNezAKqSDORQbzMPJUqFJjd5Qh75mgXvMfgW13pUQJU0U3tLQcKsIhImGrPo8Rz0K1buxUZUjY4VGAWi09dq5cg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bcc4c7e0f64-EWR
x-amz-cf-id: cPciypRKq3HdKRoGKxsFVQtufAY9XBOKNAVsO5gmva-gvbTo498yWA==
expires: Fri, 28 Mar 2025 16:48:35 GMT

GET
H2 200 DtVjJx26TKEr37c9aBVJnw.woff2
fonts.gstatic.com/s/sarabun/v15/ 11 KB
12 KB 332ms
5ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v15/DtVjJx26TKEr37c9aBVJnw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Sarabun:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

0c18a7096d8615e2b30d7fbaccb64fe00b6cffccf671c3c4ca53244640722202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://m.gk1st.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 07:48:47 GMT
x-content-type-options: nosniff
age: 118788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11452
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:03:27 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 07:48:47 GMT

GET
H2 200 9c223cd.js Show response
m.gk1st.com/_nuxt/ 47 KB
10 KB 296ms
296ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/_nuxt/9c223cd.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/dc6f1d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b88fafbf257fd4a7628b0a2349474b03ae5e69e877a7e99ac4d2d08d49c1686

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:35 GMT
via: 1.1 3c5c6d0ac004d7cc9b79e2835fc1f6a4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-ba0a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QWJ81pNelL7PNHvyM1iHWBKehPL6Xz7zmK7TqyU%2FwZ28qvmpZK6igOCor%2FsSTGa7JAKBq3ewzVS71VPnkWSLkOZC5sCDDS0T4KzOjzJuoMD3O1c6VUx2uBlocp4Prg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bce3f790f64-EWR
x-amz-cf-id: YH7JBQF3WujG_PWYQwB2VqnkfxZe_COzPCEZy0aIXGKjw1Zugq1YEA==
expires: Fri, 28 Mar 2025 16:48:35 GMT

GET
H2 200 61fa8d7.js Show response
m.gk1st.com/_nuxt/ 136 KB
13 KB 791ms
791ms Script
application/javascript 172.67.133.232
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://m.gk1st.com/_nuxt/61fa8d7.js
Requested by: Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/dc6f1d1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.133.232 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 423cf4bace07805e6a0d70f1a2c43a8440dc33452b30ea7013cf23e3e29d0a28

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:36 GMT
via: 1.1 acbc1e922360be31edf0371abdc7a3a4.cloudfront.net (CloudFront)
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: EWR53-P1
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 27 Feb 2024 11:06:42 GMT
server: cloudflare
etag: W/"65ddc242-21f61"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W9J%2B71i9TlGG67%2FUsbtsYIpPEp2fDHbkc4wfPa%2FNv6tZp6h0mINrpA%2Bi7IZzFVHVUWHnarFkyK101SGCPgvOGABGOKqX4zCh3LtPC3LLelQfXJlT9pXkLbY5InaOCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 86b91bce3f7b0f64-EWR
x-amz-cf-id: l4xc-4VtNPrjUdsvtIccajTtQnC7HN-PUdNNhAQZ6dXAri0iBjn4cA==
expires: Fri, 28 Mar 2025 16:48:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1006 B 24ms
22ms Stylesheet
text/css 142.250.72.106
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900&display=swap

Requested by

Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/6570120.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.72.106 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f10.1e100.net

Software

ESF /

Resource Hash

35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Thu, 28 Mar 2024 16:48:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 28 Mar 2024 16:10:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 28 Mar 2024 16:48:35 GMT

GET
H2 200 materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@latest/css/ 339 KB
55 KB 319ms
3ms Stylesheet
text/css 151.101.193.229
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Requested by

Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/6570120.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.193.229 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Mar 2024 16:48:35 GMT
x-content-type-options: nosniff
content-encoding: br
age: 23763
x-jsd-version: 7.4.47
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 55843
x-served-by: cache-fra-etou8220025-FRA, cache-lga21934-LGA
x-jsd-version-type: version
etag: W/"54a02-OVjZUfBzAil15Q3gxxGhe/obcD8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 show_contact_us Show response
api-prod-gkv2.g2ee.io/api/walletv2/contact/ 575 B
1 KB 896ms
549ms XHR
application/json 172.67.208.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-prod-gkv2.g2ee.io/api/walletv2/contact/show_contact_us

Requested by

Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/6570120.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7de8e9fc16738218d688036dbb83854f19dfa80976b94c5c708d2fac80c93434

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:36 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-encoding: br
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"23f-/947iltyq9PfwrQcoiLFBQ9PoMs"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d0n6HyvXqbjDdS%2B3hJMweWvLYuTPXRY1h7WId2LlqUqysLuelasxctbcSlP%2FXWrsON6EEmU0Rd2wtL6LkbYuyPGZbVNUOYSnK%2FpFSxXk7pcliu1m0CN7ZW0ss70NbX8y1eaL4kZdARA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
cf-ray: 86b91bd06f3241d2-EWR

GET
H2 200 show_theme Show response
api-prod-gkv2.g2ee.io/api/walletv2/theme/ 297 B
493 B 913ms
567ms XHR
application/json 172.67.208.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-prod-gkv2.g2ee.io/api/walletv2/theme/show_theme

Requested by

Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/6570120.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

152c4947af1dcc56794db8e76cb8644bbb8fc3a1fcba8dd25b7edf2b35fafc6c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:36 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-encoding: br
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"129-INOsEfc6Fv+N7hP6azm+66w0UzA"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vm457rxJn1a4hJgy0hWPAaHZraSm%2F%2BMdXTAG2T%2BwvC0MqRIi9GLwNDQe5b43NQkNN80%2BV4QX%2BDbZhRjLpzcPf6xgKJwW9SX7M7f571fi62uxxJFCKRbDwKFZMsiMRVDTrtc3mH2en4A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
cf-ray: 86b91bd06f3541d2-EWR

GET
H2 200 show_contact_us Show response
api-prod-gkv2.g2ee.io/api/walletv2/contact/ 575 B
548 B 497ms
496ms XHR
application/json 172.67.208.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-prod-gkv2.g2ee.io/api/walletv2/contact/show_contact_us

Requested by

Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/6570120.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7de8e9fc16738218d688036dbb83854f19dfa80976b94c5c708d2fac80c93434

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:36 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-encoding: br
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"23f-/947iltyq9PfwrQcoiLFBQ9PoMs"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6L6OYF3Nl0pfjmf%2B5568Gu0hps5sWOgEhQ0ShRj6CEsEi1kU4bJCqi6JR%2BsNbV%2B%2B3z6gMmLYmD1zKonkT2lNzTDrLKJSVwZW0TyAYQfZe3eCx8Wgyu987pVfMlO1jAI1mArhzRFO3gs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
cf-ray: 86b91bd38b9741d2-EWR

GET
H2 200 show_contact_us Show response
api-prod-gkv2.g2ee.io/api/walletv2/contact/ 575 B
553 B 501ms
500ms XHR
application/json 172.67.208.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-prod-gkv2.g2ee.io/api/walletv2/contact/show_contact_us

Requested by

Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/6570120.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7de8e9fc16738218d688036dbb83854f19dfa80976b94c5c708d2fac80c93434

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Accept: application/json, text/plain, */*
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:36 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-encoding: br
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"23f-/947iltyq9PfwrQcoiLFBQ9PoMs"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KFKySjHup%2BPGU6ZzG46xMXQABjBht%2BxkwfTDorZ%2FWSRUnVSrMiLzaS851gdPCW7O%2Bz3JIHHqAkrDh6iYapjea9aw2FU3BhCvTqgDRk2ioJcVSYjtYz4coyalJEGfvkETu%2BLLv%2FsrQzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
cf-ray: 86b91bd38b9941d2-EWR

GET
H2 200 DtVmJx26TKEr37c9YK5sik8s6zDX.woff2
fonts.gstatic.com/s/sarabun/v15/ 9 KB
10 KB 8ms
5ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v15/DtVmJx26TKEr37c9YK5sik8s6zDX.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

08e53442748a876d664005ea82f14fe894211f54adab26f33e9eb4e332c68b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://m.gk1st.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:10:49 GMT
x-content-type-options: nosniff
age: 117467
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:36:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 08:10:49 GMT

GET
H2 200 DtVjJx26TKEr37c9aAFJn2QN.woff2
fonts.gstatic.com/s/sarabun/v15/ 9 KB
10 KB 8ms
7ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v15/DtVjJx26TKEr37c9aAFJn2QN.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

7255a0ff175fc2330ee58fb2e55efc5edbc54d2f4546220b7b639c1fe601b443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://m.gk1st.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:01:26 GMT
x-content-type-options: nosniff
age: 118030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9676
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 08:01:26 GMT

GET
H3 200 materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/ 394 KB
394 KB 158ms
16ms Font
font/woff2 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/@mdi/font@latest/fonts/materialdesignicons-webfont.woff2?v=7.4.47

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css

Protocol

Security

QUIC, , AES_256_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://cdn.jsdelivr.net/npm/@mdi/font@latest/css/materialdesignicons.min.css
Origin: https://m.gk1st.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Thu, 28 Mar 2024 16:48:36 GMT
x-content-type-options: nosniff
age: 27514
x-jsd-version: 7.4.47
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 403216
x-served-by: cache-fra-eddf8230112-FRA, cache-lga21929-LGA
x-jsd-version-type: version
etag: W/"62710-TiD2zPQxmd6lyFsjoODwuoH/7iY"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 DtVmJx26TKEr37c9YOZqilss6w.woff2
fonts.gstatic.com/s/sarabun/v15/ 11 KB
12 KB 8ms
7ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v15/DtVmJx26TKEr37c9YOZqilss6w.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

2c54f0433147b5295f626256107f84b6d278f9bea1f03dc8859c7fb9618cfa2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://m.gk1st.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 07:48:54 GMT
x-content-type-options: nosniff
age: 118782
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11684
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:52:05 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 07:48:54 GMT

GET
H2 200 DtVmJx26TKEr37c9YOZqik8s6zDX.woff2
fonts.gstatic.com/s/sarabun/v15/ 10 KB
10 KB 8ms
7ms Font
font/woff2 142.251.40.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sarabun/v15/DtVmJx26TKEr37c9YOZqik8s6zDX.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.40.195 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s38-in-f3.1e100.net

Software

sffe /

Resource Hash

1a35f22ee94681b7d7216b1d03261f18775f1f2b89c4293d098b017df0e33777

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://fonts.googleapis.com/
Origin: https://m.gk1st.com
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Wed, 27 Mar 2024 08:34:23 GMT
x-content-type-options: nosniff
age: 116053
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9732
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 21:04:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Mar 2025 08:34:23 GMT

POST
H3 200 check Show response
api-prod-gkv2.g2ee.io/api/walletv2/maintenance/ 188 B
1 KB 495ms
495ms XHR
application/json 2606:4700:3032::6815:1713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-prod-gkv2.g2ee.io/api/walletv2/maintenance/check

Requested by

Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/6570120.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:1713 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f609109b7e3a89e0661cba99be702966fd1cea176f275a9270ee3f6b8503004f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://m.gk1st.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:37 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-encoding: br
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"bc-2KvKsQQw9LqBKym3M0ifnIb3aLQ"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rkYV8d6V1oijkJjinw6YI%2FLMArv7Nx8d88N9IDwgoOy4fhFrzOsNQ2g4v7vxdsggY33s%2F86wJlCDQs8jwR%2BdA0v0NF9oRSieQsh%2FJcRT3doDMm5CkQC6xpOsQS%2F5TQM57s01wePivAJWJYMGugB56UzHiAY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
cf-ray: 86b91bd5a8264231-EWR

OPTIONS
H2 204 check
api-prod-gkv2.g2ee.io/api/walletv2/maintenance/ 0
0 283ms
282ms Preflight 172.67.208.106
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-prod-gkv2.g2ee.io/api/walletv2/maintenance/check

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.67.208.106 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://m.gk1st.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86b91bd3dbf341d2-EWR
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 28 Mar 2024 16:48:36 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uw25MuvRFmoNwipo2YfQ1XyWq3pRGAlRsEH4nU75g43nl9Ldt3a2GrbulNa9SykzKDH7G%2FQ1FW6AIZn%2FfM5xIwywMTduao4x5KifZWZu8emYcIHpEGl6amJOycTOn8N0k2cBS4ZzDpo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

GET
H3 200 1684927693153.png
file.auto888.cloud/slips/ 4 KB
5 KB 624ms
541ms Other
image/png 2606:4700:3035::ac43:ae06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://file.auto888.cloud/slips/1684927693153.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ae06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e6b8127d0c96cb916c65dcfe132fb3659e377c34c83363f3f8bd4a1fd8f2ec3f

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:37 GMT
cf-cache-status: MISS
last-modified: Wed, 24 May 2023 11:28:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "10bf-5fc6ecc9f589f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52I3VE%2FwdHu4AKqyb%2F4AwyEPyxo6ASc8%2BMnmEyv80DOz2cWzC2quGiuxmmSC5CB1m1yNoFvfYYXXEKM7lkih77Kni5PXCLgjuc5%2BiHN7xue6h3r8fJSWOrF7r%2F%2FBHbyXeFEdlQnySAfkf9tVYfNLCuk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86b91bd50e9bc34d-EWR
alt-svc: h3=":443"; ma=86400
content-length: 4287

POST
H3 200 check Show response
api-prod-gkv2.g2ee.io/api/walletv2/maintenance/ 188 B
1 KB 521ms
521ms XHR
application/json 2606:4700:3032::6815:1713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-prod-gkv2.g2ee.io/api/walletv2/maintenance/check

Requested by

Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/6570120.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:1713 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f609109b7e3a89e0661cba99be702966fd1cea176f275a9270ee3f6b8503004f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://m.gk1st.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:37 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-encoding: br
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"bc-2KvKsQQw9LqBKym3M0ifnIb3aLQ"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FdIHO1V0QpLvHV6K07I9ysDQEqvPcvT%2BV6mSUZ%2FRKRyswS0vZmKCSOcgyv%2FX1V9MlkcOC9qTSs63KW6tXD19t3AJDcj5CA3T8tN96K9qpq4AwOQzBkRHL40ga%2FZFBAVx2X8qF%2BBvzx4%2BKJAxpXMj61kn2pI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
cf-ray: 86b91bd9ca988cbd-EWR

OPTIONS
H3 204 check
api-prod-gkv2.g2ee.io/api/walletv2/maintenance/ 0
0 483ms
480ms Preflight 2606:4700:3032::6815:1713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-prod-gkv2.g2ee.io/api/walletv2/maintenance/check

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:1713 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://m.gk1st.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86b91bd6c9eb4231-EWR
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 28 Mar 2024 16:48:37 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=rDhodkr9CxIzsPhxBjYu%2F8Ndnr80ZB3XGypuCHyn6W5bgMd%2FyPRU4SWIsejjP0Bh4%2F4bEGt99AI%2FBisPWm2hcIwvigcw%2FV7Q54AHwdkC8RhN6B9g35YwEH6SE%2Fl%2B4Kqb1XlE9mYog0D4CCXvzenOY32KZiI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

OPTIONS
H3 204 check
api-prod-gkv2.g2ee.io/api/walletv2/maintenance/ 0
0 485ms
484ms Preflight 2606:4700:3032::6815:1713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-prod-gkv2.g2ee.io/api/walletv2/maintenance/check

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:1713 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://m.gk1st.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 86b91bd6c9f44231-EWR
content-length: 0
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-origin
date: Thu, 28 Mar 2024 16:48:37 GMT
expect-ct: max-age=0
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster: ?1
referrer-policy: no-referrer
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cDVsEAgA06MGpQFjmZJZ%2FmaC35bY0cUUQ%2FJTFiUiB%2B0P5nUksMLLtpsEW0Ix4H5emgJpLxDjOmaxdJoa%2F6RZzl3vejWkLBQngMx4XeFfVvvJYuVEKxlA9vDmVIcixDd3%2FclDIjpj6jK5jkVOiLdX11HM7Wg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
vary: Access-Control-Request-Headers
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 0

POST
H3 200 check Show response
api-prod-gkv2.g2ee.io/api/walletv2/maintenance/ 188 B
1 KB 512ms
511ms XHR
application/json 2606:4700:3032::6815:1713
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-prod-gkv2.g2ee.io/api/walletv2/maintenance/check

Requested by

Host: m.gk1st.com
URL: https://m.gk1st.com/_nuxt/6570120.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3032::6815:1713 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f609109b7e3a89e0661cba99be702966fd1cea176f275a9270ee3f6b8503004f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json, text/plain, */*
Referer: https://m.gk1st.com/
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:37 GMT
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains
cf-cache-status: DYNAMIC
x-permitted-cross-domain-policies: none
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cross-origin-embedder-policy: require-corp
x-dns-prefetch-control: off
content-encoding: br
cross-origin-resource-policy: same-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
referrer-policy: no-referrer
server: cloudflare
cross-origin-opener-policy: same-origin
etag: W/"bc-2KvKsQQw9LqBKym3M0ifnIb3aLQ"
expect-ct: max-age=0
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c4p9%2BhXF%2FzFtPxTi%2B8MxBNMVG%2FOvNY4Roo04BbJ13I7FVtAUx8FVtZ%2BdKOKlA3hggyyzcSJfd86nvK8twi9opMB2ti4Nfc%2BpAe6pb0%2FP4I28UpaqBOdMQWgzxl6GIHrLtQlFcDIOW%2BumLrHgRq3KZPBlFAA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?1
x-download-options: noopen
cf-ray: 86b91bd9daaf8cbd-EWR

GET
H3 200 1685008492649.jpeg
file.auto888.cloud/slips/ 51 KB
52 KB 982ms
979ms Image
image/jpeg 2606:4700:3035::ac43:ae06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.auto888.cloud/slips/1685008492649.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ae06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 718cf8344e3fa8f47bce34414344facb4a68279ad1a54b0f494f7f65fdf5c00d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:37 GMT
cf-cache-status: MISS
last-modified: Thu, 25 May 2023 09:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "cca4-5fc819ca5d906"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XlJIx0IkonTp4tCXaK6On7ks6yHv03N7Hw1fbhAXk6QIkREgoqnoDehPbS4OQ6qWB1Kz4LU9%2BmJjdIBfkW1dP19wWR5OtERbLn4HVFPlIpEAheNy6S5KYhGI%2F57tm%2BylbacuPUlgvJHCvjC73hj626Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86b91bd6d90ec34d-EWR
alt-svc: h3=":443"; ma=86400
content-length: 52388

GET
H3 200 1685008492649.jpeg
file.auto888.cloud/slips/ 51 KB
52 KB 14ms
13ms Image
image/jpeg 2606:4700:3035::ac43:ae06
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://file.auto888.cloud/slips/1685008492649.jpeg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3035::ac43:ae06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 718cf8344e3fa8f47bce34414344facb4a68279ad1a54b0f494f7f65fdf5c00d

Request headers

sec-ch-ua: "Google Chrome";v="123", "Not:A-Brand";v="8", "Chromium";v="123"
Referer: https://m.gk1st.com/
accept-language: en-US,en;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 28 Mar 2024 16:48:37 GMT
cf-cache-status: HIT
last-modified: Thu, 25 May 2023 09:54:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 0
etag: "cca4-5fc819ca5d906"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KPOSHo1ChPrNd2H9XwLanwYRzpI0P6aWaQd5b82G9WpukPYJEx7NUTkih2TJaf%2BfGfxsC1zw9nnMq0edfM3XjSesjFPGeDiJ1ERS6sLPeB2Akjp%2BJWuJFHHrEP28LmOqfoETLvUjIQW0AJC%2Fh2Vy2Wg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 86b91bdd6f7ec34d-EWR
alt-svc: h3=":443"; ma=86400
content-length: 52388

Verdicts & Comments Add Verdict or Comment

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			m.gk1st.com/	1969-12-31 23:59:59	Name: auth.strategy Value: local

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-prod-gkv2.g2ee.io
cdn.jsdelivr.net
file.auto888.cloud
fonts.googleapis.com
fonts.gstatic.com
m.gk1st.com
142.250.72.106
142.251.40.195
151.101.193.229
172.67.133.232
172.67.208.106
2606:4700:3032::6815:1713
2606:4700:3035::ac43:ae06
2a04:4e42:200::485
03fe3caba05e65b14e4035139eee89b12be87cd0bcf342ac3886770eec3a9962
08e53442748a876d664005ea82f14fe894211f54adab26f33e9eb4e332c68b0d
0ac6d066d8fba3b406b22ff8cde0b7a3b83239fb17e46f516cabd4bdb9f77472
0c18a7096d8615e2b30d7fbaccb64fe00b6cffccf671c3c4ca53244640722202
152c4947af1dcc56794db8e76cb8644bbb8fc3a1fcba8dd25b7edf2b35fafc6c
1a35f22ee94681b7d7216b1d03261f18775f1f2b89c4293d098b017df0e33777
2193569c93a0ebdcf6c158c6bc1a365f7712e3c2e8ce036fdc6bd2a36e6f0e1c
2c54f0433147b5295f626256107f84b6d278f9bea1f03dc8859c7fb9618cfa2d
34687610a6a6f055f2782bec976665d041038710d45e966d31bca3f4247f7fed
35ae53cd6f0cde71e622f6e54dc576bb82ffab56c9e41b1298f932eebf963eb9
423cf4bace07805e6a0d70f1a2c43a8440dc33452b30ea7013cf23e3e29d0a28
460f22bb76f26b14b56974371893568d9c45b147798fb635566a807dcb4bb450
5353f2b2a0fc4032834e44c622da9f519ca08b12252c849389fcf8fa60fe8c42
58336f3cb891d91f16948a2dc1bf9ed14dabd457d2f210934889e38139a772b7
662fefa8f2f8a95c18588d21774789c107c64e771cbe65a69af46291c4311afc
6e941e16d9f77d7bc0b68c25887e5c280281b84ae1f266a0ed20cabde59ff3e4
6fb3828d815b81609b7782b2fc0d07bbc4fecc27ee6a40f0dab30763e859ea6d
718cf8344e3fa8f47bce34414344facb4a68279ad1a54b0f494f7f65fdf5c00d
7255a0ff175fc2330ee58fb2e55efc5edbc54d2f4546220b7b639c1fe601b443
7adf2b8245dc990e79ad46295954992c349c2cfea207aad5a54fa417cacd394d
7de8e9fc16738218d688036dbb83854f19dfa80976b94c5c708d2fac80c93434
80df8913ee7c9e90f9bd7559bc5530006726a82f527e46a35ebd9e002d67c259
8b88fafbf257fd4a7628b0a2349474b03ae5e69e877a7e99ac4d2d08d49c1686
8eb2665546c6223c80122cd0a7d1770833dd8d244f7bd23c3e1de40573d8a900
96623c4b1995c3848f806a6238552f602c95f8bc26a3cb40402dd8185db0babc
ce2259a61dc0f351782d96f270e6b15d31153a3068254b99de2e07d1e52ae57d
e6b8127d0c96cb916c65dcfe132fb3659e377c34c83363f3f8bd4a1fd8f2ec3f
ee11e902416a1d896f538103110337b39a0e2e2606bc1faf5cd0652914891127
f609109b7e3a89e0661cba99be702966fd1cea176f275a9270ee3f6b8503004f
fe58d74cb327f5e7e0a851fc0fa42fa8165bb1b3b1c6d2c3faa3fe3d3a9ac7c3

m.gk1st.com Open in urlscan Pro 172.67.133.232 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

38 Requests

100 %HTTPS

38 %IPv6

6 Domains

6 Subdomains

8 IPs

1 Countries

1003 kBTransfer

2707 kBSize

1 Cookies

0 Outgoing links

Redirected requests

38 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

m.gk1st.com Open in urlscan Pro
172.67.133.232 Public Scan

Screenshot
Live screenshot

Full Image

38
Requests

100 %
HTTPS

38 %
IPv6

6
Domains

6
Subdomains

8
IPs

1
Countries

1003 kB
Transfer

2707 kB
Size

1
Cookies

38 HTTP transactions
0 data transactions