Submitted URL: https://12hdem.com/watch/hS4nRorrG545rFZ
Effective URL: https://12hdem.com/404
Submission: On December 27 via manual from ID

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 13 HTTP transactions. The main IP is 2606:4700:3038::6815:eac1, located in United States and belongs to CLOUDFLARENET, US. The main domain is 12hdem.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 4th 2020. Valid for: a year.
This is the only time 12hdem.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 2606:4700:303... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 139.99.126.163 16276 (OVH)
1 139.99.126.164 16276 (OVH)
13 5

   Domain                        Requested by
5  12had.com                     12hdem.com, 12had.com
5  12hdem.com (1 redirects)      12hdem.com
2  www.google-analytics.com      12hdem.com, www.google-analytics.com
1  advertnative.com              12hdem.com
1  click.advertnative.com        12had.com
13 5

This site contains links to these domains.

Domain
12had.com
advertnative.com

Subject                   Issuer                       Validity                   Valid
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3      2020-08-04 - 2021-08-04    a year
*.google-analytics.com    GTS CA 1O1                   2020-11-10 - 2021-02-02    3 months
click.advertnative.com    Let's Encrypt Authority X3   2020-10-25 - 2021-01-23    3 months
advertnative.com          Let's Encrypt Authority X3   2020-10-25 - 2021-01-23    3 months

This page contains 1 frames:

Primary Page: https://12hdem.com/404
Frame ID: D65D442DEA67FC388D11470295D51EEE
Requests: 13 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

Requests: 13
HTTPS: 100 %
IPv6: 60 %
Domains: 4
Subdomains: 5
IPs: 5
Countries: 3
Transfer: 441 kB
Size: 1157 kB
Cookies: 7

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://12hdem.com/watch/hS4nRorrG545rFZ HTTP 302
    https://12hdem.com/404 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request 404
12hdem.com/
Redirect Chain
  • https://12hdem.com/watch/hS4nRorrG545rFZ
  • https://12hdem.com/404
907 KB
221 KB
Document
General
Full URL
https://12hdem.com/404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3038::6815:eac1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.10RC1
Resource Hash
4edf2221b930428397de9d816d37e4df772df3e3fc377dee3375fdf01977bf3f

Request headers

:method
GET
:authority
12hdem.com
:scheme
https
:path
/404
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=d1e7f3dc07266491034872e1c6cbd7a1e1609030435; PHPSESSID=fgoddflsgqcjdrdkfkm62ea072; _uads=a%3A2%3A%7Bs%3A4%3A%26quot%3Bdate%26quot%3B%3Bi%3A1609116835%3Bs%3A5%3A%26quot%3Buaid_%26quot%3B%3Ba%3A0%3A%7B%7D%7D; mode=day
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 00:53:56 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.4.10RC1
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
cf-cache-status
DYNAMIC
cf-request-id
0743491cad00002b169a0cb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ewckna4jGuCxEzOIbbox11BasuA3Lsi9xLXXr6DZR%2F%2FoACVpNa9FYH%2BBWgp4EKf9Tt0Sb2m1fqs5wMWFa%2FmIhavhqHns%2FTCelUGg3QtrijMJSXwTY2gi"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
607f11411a952b16-FRA
content-encoding
gzip

Redirect headers

date
Sun, 27 Dec 2020 00:53:56 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d1e7f3dc07266491034872e1c6cbd7a1e1609030435; expires=Tue, 26-Jan-21 00:53:55 GMT; path=/; domain=.12hdem.com; HttpOnly; SameSite=Lax; Secure
PHPSESSID=fgoddflsgqcjdrdkfkm62ea072; path=/
_uads=a%3A2%3A%7Bs%3A4%3A%26quot%3Bdate%26quot%3B%3Bi%3A1609116835%3Bs%3A5%3A%26quot%3Buaid_%26quot%3B%3Ba%3A0%3A%7B%7D%7D; expires=Wed, 25-Dec-2030 00:53:55 GMT; Max-Age=315360000; path=/
mode=day; expires=Wed, 25-Dec-2030 00:53:55 GMT; Max-Age=315360000; path=/
x-powered-by
PHP/7.4.10RC1
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://12hdem.com/404
cf-cache-status
DYNAMIC
cf-request-id
0743491b2400002b16f484f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=77J5Ydw6P9mjmU9s3MlP3LyVXUHewv%2Fw%2F8gdMcIsMqP5g2yk96H3X2BIoZpML7vHYQahpglYL1Mbm%2BlPpRSabazcAX9ovbwG%2B2cnVPfyXJv0vHvv%2FvEk"}],"group":"cf-nel","max_age":604800}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
607f113e9f4d2b16-FRA
logo12hdemv2.png
12hdem.com/themes/vidplay/img/
6 KB
6 KB
Image
General
Full URL
https://12hdem.com/themes/vidplay/img/logo12hdemv2.png
Requested by
Host: 12hdem.com
URL: https://12hdem.com/404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3038::6815:eac1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e269d93f75205be11eb0648aa2fb9e2eb3eae134b690245d87f82686796336c

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 00:53:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
561332
content-length
6277
cf-request-id
074349207800002b16fa025000000001
last-modified
Sun, 24 May 2020 17:07:17 GMT
server
cloudflare
etag
"5ecaa9c5-1885"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WcaaJ7EQj2m%2BuNZ6xRyVmGgdew0QmIOyu1hpT64LAkDrn3nc2rcLf6qUANKTwE%2BlosCFOqjgAgvexuv2VC7DtKKDJTf1zaFjqQw%2FVYt7%2B2fyc7ImKSsp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
607f11472aaa2b16-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
icon1.png
12hdem.com/themes/vidplay/img/
7 KB
7 KB
Image
General
Full URL
https://12hdem.com/themes/vidplay/img/icon1.png
Requested by
Host: 12hdem.com
URL: https://12hdem.com/404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3038::6815:eac1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f1030563e14331fb0d5634a0e46893a41236c64e3f559261cde19c547cee13d

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 00:53:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1770358
content-length
6885
cf-request-id
074349207800002b16898ed000000001
last-modified
Tue, 03 Mar 2020 14:51:12 GMT
server
cloudflare
etag
"5e5e6ee0-1ae5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dWyqyPUgVxjJINv8z0trjxIP1rmTznNYPUYXkVkDzuCerR%2FhtUXHnib5sGjHQj7mUInTXpscV6x341LiVD7oD%2BxraX8fX7hDfgaw%2BPZ2bl3BzYc8bh56"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
607f11472aab2b16-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
asyncjs.php
12had.com/www/delivery/
10 KB
4 KB
Script
General
Full URL
https://12had.com/www/delivery/asyncjs.php
Requested by
Host: 12hdem.com
URL: https://12hdem.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8385 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.10RC1
Resource Hash
01c52b82a65a684f48f99ca97d45fc57fa63e10de13a0f33206d815dcca34e04

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 00:53:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/7.4.10RC1
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5Nujjr6%2FQnhWkWQSCczOPMGtZ%2FZhJVYPXPnz%2Fqruj00df8TxDid4Xe1duxmaf5OxkE8TCh%2BUrKqa1bUW3oLE7jeSG8RzJFiHqSNqouroYzOOHVEIZgM%3D"}],"group":"cf-nel","max_age":604800}
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
text/javascript;charset=UTF-8
cache-control
private, max-age=3600
cf-ray
607f11475c941f3d-FRA
expire
Sun, 27 Dec 2020 01:53:57 GMT
cf-request-id
074349209c00001f3d4a1e0000000001
smiley-kiss.gif
12hdem.com/admin-panel/plugins/tinymce/js/tinymce/plugins/emoticons/img/
338 B
670 B
Image
General
Full URL
https://12hdem.com/admin-panel/plugins/tinymce/js/tinymce/plugins/emoticons/img/smiley-kiss.gif
Requested by
Host: 12hdem.com
URL: https://12hdem.com/404
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:3038::6815:eac1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3154c3665356c13ab10fefdbac1fe187fff978a0052037c99cdc4a97103413f2

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 00:53:56 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
103691
content-length
338
cf-request-id
074349207a00002b16c88b5000000001
last-modified
Fri, 10 Nov 2017 17:00:46 GMT
server
cloudflare
etag
"5a05db3e-152"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fert0QezKw%2Bls%2F2cDzlEUyOPq5qUq7zkVn1AVEh0a9W%2FUo%2FyTlymefO7KTGkTNjFg57ihn2ploQ3rB5ntD1EO9xxf6tG1NT52qFxEkQhICq6ZAmK2EYu"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
607f11472ab02b16-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
analytics.js
www.google-analytics.com/
46 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: 12hdem.com
URL: https://12hdem.com/404
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
3803
date
Sat, 26 Dec 2020 23:50:34 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 27 Dec 2020 01:50:34 GMT
collect
www.google-analytics.com/j/
2 B
384 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=627519249&t=pageview&_s=1&dl=https%3A%2F%2F12hdem.com%2F404&ul=en-us&de=UTF-8&dt=404%20%7C%2012H%20%C4%90%C3%8AM&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=552893047&gjid=847572846&cid=321733968.1609030437&tid=UA-112031557-1&_gid=1042506388.1609030437&_r=1&_slc=1&z=1205039925
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 27 Dec 2020 00:53:57 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://12hdem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
asyncspc.php
12had.com/www/delivery/
1 KB
966 B
XHR
General
Full URL
https://12had.com/www/delivery/asyncspc.php?zones=9%7C2&prefix=revive-0-&loc=https%3A%2F%2F12hdem.com%2F404
Requested by
Host: 12had.com
URL: https://12had.com/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8385 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.10RC1
Resource Hash
13f969acb54e0f95c4ab606ce1ffdec5ea9574e479c9e63c69869ed83f7d1cf9

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 00:53:57 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.10RC1
p3p
CP="CUR ADM OUR NOR STA NID"
cf-request-id
074349220300001f3ddb085000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=USms79D83B9ldUNR8GGDYa0AxMXsW4yub97E5fmgY6PCxnHQt8OYggPJntrXjUoc6p5VcMkkw3L8ouEXVGpI16LRx9V5%2F6%2BwhvpTjo%2FSKPAdw0V%2Bst8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://12hdem.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
607f11499ef21f3d-FRA
expires
0
/
click.advertnative.com/loading/
2 KB
3 KB
Script
General
Full URL
https://click.advertnative.com/loading/?handle=8934
Requested by
Host: 12had.com
URL: https://12had.com/www/delivery/asyncjs.php
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
139.99.126.163 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
tinong247.vn
Software
nginx/1.18.0 / PHP/7.2.24
Resource Hash
28a139d63c33306a18fa9d4f8ab55b82ad30e113ae03ba7f5c2cd510919e3ad2
Security Headers
Name Value
Strict-Transport-Security max-age=15768000, max-age=15768000

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 00:53:58 GMT
server
nginx/1.18.0
x-powered-by
PHP/7.2.24
strict-transport-security
max-age=15768000, max-age=15768000
content-type
application/javascript; charset=utf-8
e4bf69b753b5e0572020363332853114.jpeg
12had.com/www/images/
175 KB
176 KB
Image
General
Full URL
https://12had.com/www/images/e4bf69b753b5e0572020363332853114.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8385 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb8c755c47cd885613a4c7bf3db4eb8cb020a997baca2547dd7f7d3e1a9f2a49

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 00:53:57 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
280382
content-length
179489
cf-request-id
074349237b00001f3d78a45000000001
last-modified
Thu, 10 Dec 2020 09:37:40 GMT
server
cloudflare
etag
"5fd1ec64-2bd21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=TzXbZ70R5nDc7GtfV3wtCKSVBpNUTnwNiIL6gn5vIskl5kGyPjXkncTPrfU204B1hJRns8uErsxUCIiqMl7QvKOOwtpFwkxNb1kUIMWspKSBxy%2BAB14%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=315360000
accept-ranges
bytes
cf-ray
607f114bf9eb1f3d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
lg.php
12had.com/www/delivery/
43 B
437 B
Image
General
Full URL
https://12had.com/www/delivery/lg.php?bannerid=29&campaignid=8&zoneid=9&loc=https%3A%2F%2F12hdem.com%2F404&cb=fa44e3a7b1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8385 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.10RC1
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 00:53:58 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.10RC1
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
43
cf-request-id
074349237c00001f3d6d10a000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xnR1Dy3vamnGetJFqi9dT5niAd0SoZXQd4Qkoo2nmMtx9EFCh%2B%2B253D3F%2BRLH94QFMZU0Wq%2BDHTIw87uTs3RVihjqX2wDSuuA3DkSwZ5nxkiMIePijU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
607f114bf9ec1f3d-FRA
expires
0
lg.php
12had.com/www/delivery/
43 B
335 B
Image
General
Full URL
https://12had.com/www/delivery/lg.php?bannerid=3&campaignid=1&zoneid=2&loc=https%3A%2F%2F12hdem.com%2F404&cb=38cb4cf5e0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3031::681b:8385 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.4.10RC1
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 00:53:57 GMT
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
x-powered-by
PHP/7.4.10RC1
p3p
CP="CUR ADM OUR NOR STA NID"
content-length
43
cf-request-id
074349237c00001f3d453f4000000001
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6TByhRuKCgTXw3HgRL%2FeeBTxAMm0W00ZdDj9WSY5VXfECMf9YPYPqeW7C1LMxXhYvIxw3pAgeuYpMk4%2BWGoSc1YbG3hU8tQsGVHo7QX5RLcKaIcHffo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cf-ray
607f114bf9ee1f3d-FRA
expires
0
all_an_white_4.png
advertnative.com/storage/logo/
3 KB
3 KB
Image
General
Full URL
https://advertnative.com/storage/logo/all_an_white_4.png
Requested by
Host: 12hdem.com
URL: https://12hdem.com/404
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.99.126.164 , Singapore, ASN16276 (OVH, FR),
Reverse DNS
ip164.ip-139-99-126.net
Software
nginx/1.19.5 /
Resource Hash
23a7a772f258be3aec21ea1617a951c1f8a8867c69f446740826d0f6709b2129
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://12hdem.com/404
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 27 Dec 2020 00:53:58 GMT
last-modified
Thu, 23 Jan 2020 15:16:52 GMT
server
nginx/1.19.5
etag
"5e29b8e4-a78"
strict-transport-security
max-age=15768000
content-type
image/png
cache-control
max-age=315360000
accept-ranges
bytes
content-length
2680
expires
Thu, 31 Dec 2037 23:55:55 GMT

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| Sweetalert2 function| swal function| sweetAlert function| Fingerprint2 string| site_url function| PT_Ajax_Requests_File function| PT_Page_Loading_File function| OpenShareWindow function| getCookie string| GoogleAnalyticsObject function| ga function| PT_Subscribe function| PT_Reply function| PT_LoadPost function| PT_DeleteVideo function| PT_DeleteHistory function| PT_DeleteSaved function| PT_AddToList function| PT_ReportVideo function| PT_PLVToggle function| PT_WLToggle function| PT_NewList function| PT_EditList function| PT_DeleteList function| PT_DelFromList function| PT_RemoveFromWL function| PT_RVReply function| PT_RPReply function| PT_DeleteReply function| PT_LikeComments function| PT_LikeReplies function| pt_hide_announcement function| pay_to_see function| PT_ShowMethods function| PT_PurchasePkg function| PT_OpenCheckOut function| pay_using_wallet function| PT_PaySubscribe function| scrollToTop function| readURL function| copyToClipboard function| numberWithCommas function| Wo_LikeSystem function| PT_AddLike function| PT_Delay function| PT_progressIconLoader function| PT_HasExtension function| pt_elexists function| nl2br function| makeid function| escapeHTML number| lastScrollTop object| Snackbar object| google_tag_data object| gaplugins object| gaGlobal object| gaData undefined| didScroll number| delta number| navbarHeight function| hasScrolled object| org function| getQueryParamValue function| FlashObject function| SWFObject object| reviveAsync object| block string| text

7 Cookies

Domain/Path Name / Value
.12hdem.com/ Name: _gat
Value: 1
.12hdem.com/ Name: _gid
Value: GA1.2.1042506388.1609030437
12hdem.com/ Name: mode
Value: day
12hdem.com/ Name: PHPSESSID
Value: fgoddflsgqcjdrdkfkm62ea072
12hdem.com/ Name: _uads
Value: a%3A2%3A%7Bs%3A4%3A%26quot%3Bdate%26quot%3B%3Bi%3A1609116835%3Bs%3A5%3A%26quot%3Buaid_%26quot%3B%3Ba%3A0%3A%7B%7D%7D
.12hdem.com/ Name: _ga
Value: GA1.2.321733968.1609030437
.12hdem.com/ Name: __cfduid
Value: d1e7f3dc07266491034872e1c6cbd7a1e1609030435