www.12play8.win Open in urlscan Pro
172.67.205.31 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://12play8.win/
Effective URL:
https://www.12play8.win/
Submission: On October 04 via api (October 4th 2024, 12:18:36 am UTC) from BE — Scanned from DE

Summary HTTP 49 Redirects Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 12 domains to perform 49 HTTP transactions. The main IP is 172.67.205.31, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.12play8.win.
TLS certificate: Issued by WE1 on October 1st 2024. Valid for: 3 months.

This is the only time www.12play8.win was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 19	172.67.205.31 172.67.205.31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	216.58.212.168 216.58.212.168	15169 (GOOGLE) (GOOGLE)
1	216.239.38.178 216.239.38.178	15169 (GOOGLE) (GOOGLE)
2 5	185.84.60.23 185.84.60.23	198622 (ADFORM) (ADFORM)
1	37.157.4.21 37.157.4.21	198622 (ADFORM) (ADFORM)
5	23.213.161.209 23.213.161.209	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	157.240.253.1 157.240.253.1	32934 (FACEBOOK) (FACEBOOK)
3	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c1f::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	37.157.3.26 37.157.3.26	198622 (ADFORM) (ADFORM)
49	16

19 172.67.205.31 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

12play8.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.12play8.win	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.168 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f168.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.38.178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.84.60.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

asia.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
asia.seadform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.4.21 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.213.161.209 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-209.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 157.240.253.1 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c1f::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

td.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.26 (Denmark)

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	12play8.win 1 redirects 12play8.win www.12play8.win	2 MB
6	adform.net 2 redirects asia.adform.net — Cisco Umbrella Rank: 71004 s2.adform.net — Cisco Umbrella Rank: 6863 c1.adform.net — Cisco Umbrella Rank: 604	34 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 817	137 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 34 region1.google-analytics.com — Cisco Umbrella Rank: 3643	22 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 113	4 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	389 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	76 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 136 td.doubleclick.net — Cisco Umbrella Rank: 192	555 B
1	seadform.net asia.seadform.net — Cisco Umbrella Rank: 165242	467 B
1	google.de www.google.de — Cisco Umbrella Rank: 11271	63 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4401
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
49	12

	Domain	Requested by
18	www.12play8.win	www.12play8.win
5	analytics.tiktok.com	www.12play8.win analytics.tiktok.com
4	www.facebook.com	www.12play8.win
4	asia.adform.net	2 redirects www.12play8.win asia.adform.net
4	www.googletagmanager.com	www.12play8.win www.google-analytics.com www.googletagmanager.com
3	connect.facebook.net	www.12play8.win connect.facebook.net
3	www.google-analytics.com	www.12play8.win www.google-analytics.com
2	region1.google-analytics.com	www.googletagmanager.com
1	asia.seadform.net	www.12play8.win
1	c1.adform.net	asia.adform.net
1	www.google.de	www.12play8.win
1	td.doubleclick.net	www.googletagmanager.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	s2.adform.net	www.12play8.win
1	fonts.googleapis.com	www.12play8.win
1	12play8.win	1 redirects
49	17

This site contains no links.

Subject Issuer	Validity	Valid
12play8.win WE1	`2024-10-01` - `2024-12-30`	3 months	crt.sh
upload.video.google.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google-analytics.com WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-07-13` - `2024-10-11`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.doubleclick.net WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
*.google.de WR2	`2024-09-16` - `2024-12-09`	3 months	crt.sh
track.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-09-03` - `2025-09-24`	a year	crt.sh
*.seadform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-08`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.12play8.win/
Frame ID: EFA1F12A8C3211178075C3309771E80A
Requests: 46 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-LS02WB5YWG&gacid=1572753918.1728001110&gtm=45je4a20v9136242725za200&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=1884023918
Frame ID: 8AD5468EAB9A3C46E3B92AF55BF09BBA
Requests: 1 HTTP requests in this frame

Frame: https://asia.adform.net/serving/container/?pm=1525281&lid=156163967&ctype=0&media=0&PageName=12play8.win%2f&rnd=1848470097&cpref=&loc=https%3a%2f%2fwww.12play8.win%2f
Frame ID: 69706F79A62607350385CDB7AA001620
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/imatch/pixels?bt=0&uid=5475893912794466600&agencyId=6461&advertiserId=2020492&src=tp&rnd=982350
Frame ID: 25B7E8889F6DA18F788DD6568C620CBE
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Best Online Casino Malaysia | Most Popular & Trusted Casino Website

Page URL History Show full URLs

https://12play8.win/ HTTP 301
https://www.12play8.win/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

49
Requests

96 %
HTTPS

44 %
IPv6

12
Domains

17
Subdomains

16
IPs

4
Countries

3193 kB
Transfer

5032 kB
Size

52
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://12play8.win/ HTTP 301
https://www.12play8.win/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 19

https://asia.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 37

https://asia.adform.net/Serving/TrackPoint/?pm=1525281&ADFdivider=%7C&ord=604367840517&ADFtpmode=2&loc=https%3A%2F%2Fwww.12play8.win%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24 HTTP 302
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=1525281&ADFdivider=%7C&ord=604367840517&ADFtpmode=2&loc=https%3A%2F%2Fwww.12play8.win%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

49 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
www.12play8.win/
Redirect Chain

https://12play8.win/
https://www.12play8.win/

6 KB
3 KB

540ms
527ms

Document
text/html

172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12play8.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e38785a7de9cc85180bf216f2539917fe6d1c98a2a4a3a9ba892060590c5146e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cf-cache-status: DYNAMIC
cf-ray: 8cd0feb33c20dbec-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 04 Oct 2024 00:18:29 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xmQIYquuQibT%2B2Aesb8afLD3EYGSRnDrTmlLTpN6PN7OcqVNwgYxMLV%2FXphlHtE9pK4yhTQRh3Yap8EJPFOvyG1foz%2Bz0lIN4H8CJjceIknte68JDphxN7Dd82hMwq0diSg%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding

Redirect headers

cache-control: max-age=3600
cf-ray: 8cd0feb30bf9dbec-FRA
content-length: 167
content-type: text/html
date: Fri, 04 Oct 2024 00:18:28 GMT
expires: Fri, 04 Oct 2024 01:18:28 GMT
location: https://www.12play8.win/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1IGchg9DOrpYwa9FHc%2FhZCdTuh42UxND082rLgejwer44ORj8wji62sByN1sD07HIq1yMcZPdePSWFlq8xk7DYH5luZoHoJxsMR2S%2BLlkOC8iAgoo8yHja6cQRYzTA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding

GET
H3 200 speculation
www.12play8.win/cdn-cgi/ 128 B
541 B 14ms
12ms Other
application/speculationrules+json 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12play8.win/cdn-cgi/speculation
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin: https://www.12play8.win
Referer: https://www.12play8.win/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vTXd1QH6xCPmY70RaMtDFMZAQkwaE%2FIc0MFyw7r0%2FT6a6dAZnGJi%2BproI5tKdXSCX4aY3Qf6NOgxmfAJhz6ezPxNe6bDx2PD93HvJ4X9XtyIbAcNbO5ObWh6QHQYXkxWWFA%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0feb689cadbec-FRA
access-control-allow-origin: https://www.12play8.win
content-length: 128
date: Fri, 04 Oct 2024 00:18:29 GMT
content-type: application/speculationrules+json
vary: Origin, Accept-Encoding
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 44ms
18ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,700%7CVarela+Round

Requested by

Host: www.12play8.win
URL: https://www.12play8.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

455aebaaf8d55a159ee04306336c8774eddb4dd3afda9c31af1aabe63e4ce670

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 00:18:29 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 00:18:29 GMT
content-type: text/css; charset=utf-8
last-modified: Fri, 04 Oct 2024 00:18:29 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 bootstrap.min.css
www.12play8.win/css/ 141 KB
28 KB 791ms
790ms Stylesheet
text/css 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12play8.win/css/bootstrap.min.css?v=1
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f8d728d935edbf2aeae36b6b3d96634885dbd474ddd1cc7d80711449109221b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"235bf-5a7261c5bba3a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oa4G2Q9InfpbMsUwZpOUk2xV12JqdYRlak67BnfS5M1VsCi6PKujuQzaH4wTEbdD%2F8oVWD5hJ%2Fw3hHukxsmd3j%2FP8GQJ1i0FIVqiJk6vxshRNsW3ar6ySJEK2ojpCNd8yyM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0feb699cbdbec-FRA
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: text/css
vary: Accept-Encoding
server: cloudflare
last-modified: Wed, 03 Jun 2020 04:03:29 GMT

GET
H3 200 font-awesome.min.css
www.12play8.win/css/ 30 KB
8 KB 564ms
562ms Stylesheet
text/css 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12play8.win/css/font-awesome.min.css
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"7918-59fd7a8ebdef0"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cO5i5DExZJVs4rtmDR6rUEFQvcbTNMqYcrKXjm%2BR2WwuzKRbM2aRR21SE2%2FOgNA5tmjZVGXtCEEdRbBMzHihMCzRSGAohoIcDkqib1fmxww5ONEWEMb38tZ7Q%2F1NLmta2tQ%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0feb699ccdbec-FRA
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: text/css
vary: Accept-Encoding
server: cloudflare
last-modified: Mon, 02 Mar 2020 04:31:24 GMT

GET
H3 200 swiper.min.css
www.12play8.win/css/ 19 KB
4 KB 544ms
543ms Stylesheet
text/css 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12play8.win/css/swiper.min.css
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 67b6584af0fff14908d8f05c0eb9d59cb809da113feffd197f3ddb38a779ea45

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"4bef-59fd7a889b9e6"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=i%2BY%2FoenKHNaE%2BVm4yzn0IemsXhzOiQFhwLZgpLl1BCdRKsGzrR69hYe2BekbzF1OjJ24C3npDx7IvNQbjCWMv5HTSD1MxyDRJaAI1Uoyt2sejas3wnYWCaxLDGVRU9ht5w4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0feb699cddbec-FRA
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: text/css
vary: Accept-Encoding
server: cloudflare
last-modified: Mon, 02 Mar 2020 04:31:17 GMT

GET
H3 200 style_2024.css
www.12play8.win/css/ 10 KB
3 KB 535ms
533ms Stylesheet
text/css 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12play8.win/css/style_2024.css?v1.2
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d0c8e6750566b23e31d0a32be73280f46101a9c0eb3a845698b2b326263a185

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"2701-6211ac57bb435"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3q3EPQT7j5XJJJ91AWlVdnSPxEFRGX6crWIUmdhK3b6KKZIH97d8sT8RBM953GveTf90g1z4GYU6aPm6jnZAb%2FjgEECXR490rVK%2BcIWmOWtskiy3lp9%2BNyIKzNvGN%2BiUZDM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0feb699cedbec-FRA
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: text/css
vary: Accept-Encoding
server: cloudflare
last-modified: Mon, 02 Sep 2024 03:45:26 GMT

GET
H3 200 wc-desktop-vendor-b&w.svg
www.12play8.win/image/ 81 KB
27 KB 781ms
781ms Image
image/svg+xml 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.12play8.win/image/wc-desktop-vendor-b&w.svg
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f3392e911ed7644ca46a69ddc76dbf8149d3e3395a2082ad62d3c4080cf3ba41

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
etag: W/"14281-59fd7a89c47e8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W5dstxEM7O8aLAgCn2t8rILzqghVjqr68t6xaqNebQsPXuwBq0nf9PcQRfqRmz0NxY3ZegnxFcQYRfb80dL0xJZujB87A0AB7BfY%2FLtODRBMLT5UCBmoh8296zD51F1z2hU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0feb699d0dbec-FRA
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: image/svg+xml
last-modified: Mon, 02 Mar 2020 04:31:19 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 wc-mobile-vendor-b&w.svg
www.12play8.win/image/ 80 KB
27 KB 983ms
983ms Image
image/svg+xml 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.12play8.win/image/wc-mobile-vendor-b&w.svg
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 92c2f2fd33ed1a41bf26eba048d51fb9e86a7b21b42864a18b2c996052044c37

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
etag: W/"141ea-59fd7a8fc3a72"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6DEoijNf24cM3KWw4Ld3EUangtuJYi5FvAmHwpPOAKPBeHCnzYbKAKBpzAM%2BnmRzpy51viG%2FZA9H4dBcWBNEp8g1tYn2RQKaH18Yzb2F7m2edEb%2Bi6rQyecPOthv%2BP3nBHo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0feb6a9e2dbec-FRA
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: image/svg+xml
last-modified: Mon, 02 Mar 2020 04:31:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 jquery.min.js Show response
www.12play8.win/js/ 82 KB
35 KB 796ms
795ms Script
application/javascript 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12play8.win/js/jquery.min.js?v=1
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e9945d7ebf431506391edb3431741c9007f4248bbb09dd451f54d67da1ef01e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"14962-5a7261c5be91a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1z7fi1JRHA4nL3SI4R%2FmLUdDOEB9FzR5nd7Nx6CJ%2B8PQ8ro%2Fj6fr%2BA8FGGDNxP2lHvfJ%2FxbzMhTqIeE0T9A9Otim0vu94gW4xwfnAa6YZm%2BMg7voFV8gl98CfW2SrF6Tg8I%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0febb9ff9dbec-FRA
date: Fri, 04 Oct 2024 00:18:31 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Wed, 03 Jun 2020 04:03:29 GMT

GET
H3 200 bootstrap.min.js Show response
www.12play8.win/js/ 36 KB
12 KB 809ms
807ms Script
application/javascript 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12play8.win/js/bootstrap.min.js
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"90b5-59fd7a8ebcf50"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YazN%2Fjmqv8N8mR8WhL92tcGOp3FmISF%2F4u3cmHFQ1tv1%2FnN5wJGTMc%2Fi9tRcWdnuy094PzPmCF4sf8w1hZdsok3ksS5CUlKFU5tpU9SFXDf3wTEbxqYAols924lKMFdEtAM%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0febb9ffbdbec-FRA
date: Fri, 04 Oct 2024 00:18:31 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Mon, 02 Mar 2020 04:31:24 GMT

GET
H3 200 swiper.min.js Show response
www.12play8.win/js/ 112 KB
36 KB 777ms
774ms Script
application/javascript 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12play8.win/js/swiper.min.js?v=1
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4a81188ed52f08fc993a9943b68a803eb350c9fdee0415e2c7c99d32c494769

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: gzip
cf-cache-status: MISS
etag: W/"1bebe-5a7261c5be91a"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GctT66loDGjZq4P1Ps8t3N9Z68iVzdghtDvXd1SBZdqC77cIjhxO7CovsE8Pcu%2FMta4XlDDmFlaE45PyM35aGVAbu5rEBaMTVVPEpb00KqX%2BYVhJPX3xaBIXSGBNar9l6%2FY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0febba803dbec-FRA
date: Fri, 04 Oct 2024 00:18:31 GMT
content-type: application/javascript
vary: Accept-Encoding
server: cloudflare
last-modified: Wed, 03 Jun 2020 04:03:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 34ms
6ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.12play8.win
URL: https://www.12play8.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: gzip
age: 3135
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options: nosniff
expires: Fri, 04 Oct 2024 01:26:15 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 03 Oct 2024 23:26:15 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
content-type: text/javascript
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 20994
server: Golfe2

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 319 KB
105 KB 58ms
31ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KT97CDP

Requested by

Host: www.12play8.win
URL: https://www.12play8.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e4f64f5535f6baff1d54c4d8ef736fdef69d64fcd60892ad368e8a04c4cf37c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires: Fri, 04 Oct 2024 00:18:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 04 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 107236
x-xss-protection: 0
server: Google Tag Manager

GET
H3 206 region-video.mp4
www.12play8.win/video/ 2 MB
2 MB 522ms
522ms Media
video/mp4 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12play8.win/video/region-video.mp4
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24dd9cfc822c1bffde89a5219561add9c107cd834ecaaaef1e647d9cfaba6b73

Request headers

Referer: https://www.12play8.win/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range: bytes=0-

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "234037-5d221114cb2d8"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=y6ai5lduuPdLNmqBN%2BGAOnPRCxvugxIs18zDC5q7pfP67Vx%2BiuRl85yGh4DGw3BzeqOLVsy2nYyyoF3O0QAQG91HOFz%2F4%2BmW2gHm4wAyxHHivaDx7cKtKl7C7su8IDKWL9M%3D"}],"group":"cf-nel","max_age":604800}
Content-Range: bytes 0-2310198/2310199
cf-ray: 8cd0febbb81bdbec-FRA
Content-Length: 2310199
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: video/mp4
last-modified: Thu, 02 Dec 2021 03:05:49 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
435 B 16ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2105467883&t=pageview&_s=1&dl=https%3A%2F%2Fwww.12play8.win%2F&ul=de-de&de=UTF-8&dt=Best%20Online%20Casino%20Malaysia%20%7C%20Most%20Popular%20%26%20Trusted%20Casino%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1210402516&gjid=1804011709&cid=1572753918.1728001110&tid=UA-72251771-1&_gid=1427304057.1728001110&_r=1&_slc=1&z=306251651

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8a37ccbfd31eae54db7e41868d5013f3f4b654b03f70bcb7563fd1ed264193d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.12play8.win/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 00:18:30 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.12play8.win
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 15
server: Golfe2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 275 KB
97 KB 26ms
25ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-LS02WB5YWG&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

430a8f10dbf164bdd7cf125cd1df6327bcad5012f286d3d1a97ba2e49e0194db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 04 Oct 2024 00:18:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 98823
x-xss-protection: 0
server: Google Tag Manager

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
102 KB 32ms
31ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-P7F8RG4K6N&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KT97CDP

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

16b7fc1c97494f5e4163f020876138860ac476c081d3aaadfd21370dbf0da34b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Fri, 04 Oct 2024 00:18:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 104661
x-xss-protection: 0
server: Google Tag Manager

POST
H3 200 collect Show response
www.google-analytics.com/j/ 3 B
26 B 16ms
15ms XHR
text/plain 216.239.38.178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=2105467883&t=pageview&_s=1&dl=https%3A%2F%2Fwww.12play8.win%2F&ul=de-de&de=UTF-8&dt=Best%20Online%20Casino%20Malaysia%20%7C%20Most%20Popular%20%26%20Trusted%20Casino%20Website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAACAAI~&jid=1716492882&gjid=2001784239&cid=1572753918.1728001110&tid=UA-210862052-1&_gid=1427304057.1728001110&_r=1&_slc=1&gtm=45He4a20n81KT97CDPv832039840za200&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&npa=1&z=1419454797

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.239.38.178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain
Referer: https://www.12play8.win/

Response headers

report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 00:18:30 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: text/plain
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin: https://www.12play8.win
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 3
server: Golfe2

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 235 KB
85 KB 58ms
58ms Script
application/javascript 216.58.212.168
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-11003975119&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KT97CDP

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.212.168 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f168.1e100.net

Software

Google Tag Manager /

Resource Hash

6907a8ba316ef256270d51ec81529061896805bc4bbc7724af13bcbbf1de9267

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires: Fri, 04 Oct 2024 00:18:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
last-modified: Fri, 04 Oct 2024 00:00:00 GMT
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 86611
x-xss-protection: 0
server: Google Tag Manager

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://asia.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

80 KB
31 KB

111ms
38ms

Script
application/javascript

37.157.4.21
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H2
Server: 37.157.4.21 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

x-cache-status: HIT
cache-control: public, max-age=604800
content-encoding: gzip
etag: W/"1c188eabf1f0749a0cffb2c108473370"
x-amz-request-id: tx0000025adb5d548433883-0066b49e88-3298ef0d-default
access-control-allow-origin: *
date: Fri, 04 Oct 2024 00:18:31 GMT
x-rgw-object-type: Normal
content-type: application/javascript
vary: Accept-Encoding
server: nginx
last-modified: Fri, 08 Mar 2024 07:02:31 GMT

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Fri, 04 Oct 2024 00:18:31 GMT
content-type: text/html
server: nginx

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 202ms
133ms Script
application/javascript 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCPCK4BC77UC55NTQTB0&lib=ttq
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1217ded1b9e773ba37f66545b6389271393639a4a471bd57d00bd59e3846e681

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: gzip
expires: Fri, 04 Oct 2024 00:18:30 GMT
server-timing: inner; dur=3, cdn-cache; desc=MISS, edge; dur=0, origin; dur=116
x-cache: TCP_MISS from a23-213-160-211.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
x-akamai-request-id: 9a70e114
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c896c030d982ca9f4bf2baf80ab941f2eee68add824cd5647ff0e4856faea32a8ecebe69d61ab4c08ec08f5a664d67088ad890d0b31de3c575322d002af03c92e811daf384e7bd9bf3e4be56f6c6a7551d
x-origin-response-time: 116,23.213.160.211
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24100400183000B0C6E9E8C7FFEDE360-01F0B5B42040D293-00
content-length: 1907
x-tt-logid: 2024100400183000B0C6E9E8C7FFEDE360
server: nginx

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 226 KB
58 KB 26ms
11ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.12play8.win
URL: https://www.12play8.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4431, tp=9, tpl=0, uplat=3, ullat=-1
pragma: public
x-fb-debug: Lg5lZrvga97P4g/LsEV+WuYnV8k9ptYgIgKHqST3hBgotcgsV1zMIZDBvNwA+V7cWbzX/wpHbfA87AcvfZwCMA==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 59131
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 48ms
17ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-LS02WB5YWG&gtm=45je4a20v9136242725za200&_p=1728001110332&_gaz=1&gcd=13l3l3l2l2l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&ul=de-de&sr=1600x1200&cid=1572753918.1728001110&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.12play8.win%2F&dt=Best%20Online%20Casino%20Malaysia%20%7C%20Most%20Popular%20%26%20Trusted%20Casino%20Website&sid=1728001110&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1572
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LS02WB5YWG&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.12play8.win
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
555 B 81ms
19ms Ping
text/plain 2a00:1450:400c:c1f::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-LS02WB5YWG&cid=1572753918.1728001110&gtm=45je4a20v9136242725za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&frm=0&tag_exp=101671035~101747727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LS02WB5YWG&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1f::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.12play8.win
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 rul
td.doubleclick.net/td/ga/ Frame 8AD5 0
0 58ms
21ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://td.doubleclick.net/td/ga/rul?tid=G-LS02WB5YWG&gacid=1572753918.1728001110&gtm=45je4a20v9136242725za200&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&pscdl=noapi&_ng=1&aip=1&fledge=1&frm=0&tag_exp=101671035~101747727&z=1884023918

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-LS02WB5YWG&cx=c&_slc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.12play8.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 16
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 04 Oct 2024 00:18:30 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 51ms
20ms Image
image/gif 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&_ng=1&tid=G-LS02WB5YWG&cid=1572753918.1728001110&gtm=45je4a20v9136242725za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l2l1&npa=0&frm=0&tag_exp=101671035~101747727&tag_exp=101671035~101747727&z=1486607008

Requested by

Host: www.12play8.win
URL: https://www.12play8.win/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Fri, 04 Oct 2024 00:18:30 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 514195976818399 Show response
connect.facebook.net/signals/config/ 77 KB
15 KB 124ms
124ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/514195976818399?v=2.9.170&r=stable&domain=www.12play8.win&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

e935850eea4e84915b844bb4e39d3392331c244be32a9c61b7ca0d3af7681f0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=68, mss=1232, tbw=67293, tp=63, tpl=0, uplat=116, ullat=0
pragma: public
x-fb-debug: KVHedHeoYmg8FGvzdy4YUgx1DvwLeVoGR7XXjRShd6WpfPKyYkemXNGXFeN3ZrbCV7vhtwJI0hous0uqShM0uQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 16ms
15ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P7F8RG4K6N&gtm=45je4a20v885654762z8832039840za200zb832039840&_p=1728001110332&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1572753918.1728001110&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1728001110&sct=1&seg=0&dl=https%3A%2F%2Fwww.12play8.win%2F&dt=Best%20Online%20Casino%20Malaysia%20%7C%20Most%20Popular%20%26%20Trusted%20Casino%20Website&en=page_view&_fv=2&_ss=1&tfd=1686
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P7F8RG4K6N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.12play8.win
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: text/plain
server: Golfe2

GET
H2 200 main.MWZkMThhNTg2MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 336 KB
94 KB 27ms
26ms Script
application/javascript 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkMThhNTg2MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CCPCK4BC77UC55NTQTB0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 3fab98a127a8cba049fa0552692f70b455b078103dea0573a1389f32f09732f0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-211.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=15
x-tt-trace-id: 00-2409261313508D2BEA0FEDD1C2535D56-0A62922B78037DCE-00
content-length: 95311
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 202409261313508D2BEA0FEDD1C2535D56
server: nginx
x-akamai-request-id: 9a70e380
x-tt-trace-host: 0133b3847e4c2c7db9cb2f6b9dab1ee3f760b05d4373f98d71f1e2724dd532879ac0efefddd32eac241811ff99ed43921beb500d18614343c9a315efd2b12a5d84951c1fd8c698c26c42d518dbc7e94c2b208d3ef9c4c20412f606431b761e7095

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 11ms
11ms Script
application/javascript 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkMThhNTg2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

x-cache: TCP_MEM_HIT from a23-213-160-211.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
vary: Accept-Encoding
cache-control: public, max-age=31536000, immutable
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
x-tt-trace-id: 00-24083002252950025D613AEAED5E2E70-5FCAA6CF46C69E27-00
content-length: 39330
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: application/javascript; charset=UTF-8
x-tt-logid: 2024083002252950025D613AEAED5E2E70
server: nginx
x-akamai-request-id: 9a70e468
x-tt-trace-host: 0143abac0f4003bd96af5c29253b82c47e8db99c3db24377a0ec0f593a97ff9053ed8bacb2facd45510bd70fd5888da7ef0bb467635bf5910beb0397f1ea6f235de9eceeaeab5dc847218a3c21479232eaedc14dee6e452a6b12499eec72aa4719

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
879 B 168ms
167ms Ping
text/plain 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkMThhNTg2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.12play8.win/

Response headers

x-cache-remote: TCP_MISS from a23-220-105-90.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 04 Oct 2024 00:18:30 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=94, origin; dur=65, inner; dur=60
x-cache: TCP_MISS from a23-213-160-211.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date: Fri, 04 Oct 2024 00:18:30 GMT
x-akamai-request-id: 97466bbe.9a70e48d
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c8b595840c4235db6d5009ebfa7d62c862612116f1192dbe4639d7d7bdbf12959927642e28b84d5d0a379c72437c8158c273f6e74505db14c54a664105cb425dd78c3f4af7d829383f5a08a622a344285a5ef1e9bb33201cc734768b84e270c79a
x-origin-response-time: 65,23.220.105.90
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-241004001830AAD821B31FCCEAE87BAF-1913CFE120198B38-00
content-length: 0
x-parent-response-time: 153,23.213.160.211
x-tt-logid: 20241004001830AAD821B31FCCEAE87BAF
server: nginx

GET
H3 200 594926042412546 Show response
connect.facebook.net/signals/config/ 25 KB
3 KB 119ms
118ms Script
application/x-javascript 157.240.253.1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/594926042412546?v=2.9.170&r=stable&domain=www.12play8.win&hme=d82868061a8c707cd31395a3055e7449daa03bd520872727258c39e6af34523e&ex_m=70%2C120%2C106%2C110%2C61%2C4%2C99%2C69%2C16%2C96%2C88%2C51%2C54%2C171%2C174%2C186%2C182%2C183%2C185%2C29%2C100%2C53%2C77%2C184%2C166%2C169%2C179%2C180%2C187%2C130%2C41%2C34%2C142%2C15%2C50%2C193%2C192%2C132%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C92%2C17%2C14%2C95%2C91%2C90%2C107%2C52%2C109%2C39%2C108%2C30%2C93%2C26%2C167%2C170%2C139%2C28%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C101%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C103%2C102%2C104%2C97%2C10%2C20%2C3%2C38%2C74%2C19%2C85%2C56%2C83%2C33%2C73%2C0%2C94%2C32%2C82%2C87%2C47%2C46%2C86%2C37%2C5%2C89%2C81%2C44%2C35%2C84%2C2%2C36%2C63%2C42%2C105%2C45%2C79%2C68%2C111%2C60%2C59%2C31%2C98%2C58%2C55%2C49%2C78%2C72%2C24%2C112%2C199%2C198%2C200%2C205%2C206%2C207%2C203%2C195%2C131%2C133%2C162%2C194%2C196%2C121%2C156%2C144%2C150%2C188%2C189%2C128%2C231%2C115%2C125%2C126%2C232%2C164%2C118%2C234%2C165%2C135%2C122%2C153%2C147%2C113%2C127

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra5.fbcdn.net

Software

Resource Hash

f94d86a6827362a2244e111392504c5be9132fb567c3baf471a87f64001f23a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'unsafe-inline' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
edge-control: cache-maxage=10m
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=9, rtx=0, c=82, mss=1232, tbw=84049, tp=79, tpl=0, uplat=105, ullat=1
pragma: public
x-fb-debug: 4L2BjvA7Y8KmqXBv34Y3LBkSK0sc8abgK3p7sKhO+c8PQYo32qwZKSLpGxYf92MkjeocQxC9lC9aTXsrXSXSNQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 31ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=514195976818399&ev=PageView&dl=https%3A%2F%2Fwww.12play8.win%2F&rl=&if=false&ts=1728001110772&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728001110769.981159411969470841&cs_est=true&ler=empty&cdl=API_unavailable&it=1728001110588&coo=false&rqm=GET

Requested by

Host: www.12play8.win
URL: https://www.12play8.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1297, tbw=2918, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
856 B 207ms
185ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=514195976818399&ev=PageView&dl=https%3A%2F%2Fwww.12play8.win%2F&rl=&if=false&ts=1728001110772&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728001110769.981159411969470841&cs_est=true&ler=empty&cdl=API_unavailable&it=1728001110588&coo=false&rqm=FGET

Requested by

Host: www.12play8.win
URL: https://www.12play8.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421708256681940284"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 1Gn7qPzl0oHEonNRDOkIR5XRynrjy1uT8Axc5JbYBVphuA5axkXqYDWm4TU89yAfyIYEZq0pq1s4j7GKuKvHDA==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421708256681940284", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1297, tbw=6249, tp=-1, tpl=-1, uplat=175, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 9ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=594926042412546&ev=PageView&dl=https%3A%2F%2Fwww.12play8.win%2F&rl=&if=false&ts=1728001110898&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728001110769.981159411969470841&ler=empty&cdl=API_unavailable&it=1728001110588&coo=false&rqm=GET

Requested by

Host: www.12play8.win
URL: https://www.12play8.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1297, tbw=3305, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: text/plain
server: proxygen-bolt

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 83ms
83ms Image
image/png 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=594926042412546&ev=PageView&dl=https%3A%2F%2Fwww.12play8.win%2F&rl=&if=false&ts=1728001110898&sw=1600&sh=1200&v=2.9.170&r=stable&ec=0&o=12318&fbp=fb.1.1728001110769.981159411969470841&ler=empty&cdl=API_unavailable&it=1728001110588&coo=false&rqm=FGET

Requested by

Host: www.12play8.win
URL: https://www.12play8.win/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7421708256812450551"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Fri, 04 Oct 2024 00:18:30 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: 9BLkipWHpKsEqpQ2RKcUpvFyXrRUEEkHIjzbW5H9wvhU9ap1ue+wUuFdC/HmezFHH+P5jDmrHr/lLONZ7Xe7Dg==
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7421708256812450551", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1297, tbw=3451, tp=-1, tpl=-1, uplat=71, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?0

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
875 B 151ms
147ms Ping
text/plain 23.213.161.209
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWZkMThhNTg2MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.209 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-209.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.12play8.win/

Response headers

x-cache-remote: TCP_MISS from a23-48-100-43.deploy.akamaitechnologies.com (AkamaiGHost/11.6.5-0c617a4be13e71cac2c90d10d87ecf54) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
expires: Fri, 04 Oct 2024 00:18:31 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=109, origin; dur=18, inner; dur=13
x-cache: TCP_MISS from a23-213-160-211.deploy.akamaitechnologies.com (AkamaiGHost/11.6.4-e26983a004e229b4ffa935b6e3b2fe8f) (-)
date: Fri, 04 Oct 2024 00:18:31 GMT
x-akamai-request-id: 2ca52b56.9a70e871
access-control-allow-headers: Authorization,*
x-tt-trace-host: 0183065cffbd455dc2e304d247773271c8b595840c4235db6d5009ebfa7d62c862f7d4f2d66bfad47903e1111b2a31ffe152c5100c7186f0851d1f8bb997dcd8aa97bbf8d1aaf7ca178e2b1d7ff7e5af16dcebafba058d4a66244aa85805982e2dc1c0a0bda2a5d410bbdcc18cf99d680c
x-origin-response-time: 18,23.48.100.43
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
access-control-allow-origin: *
x-tt-trace-id: 00-2410040018314356312F1517CDE48298-237DABFD1446D99D-00
content-length: 0
x-parent-response-time: 119,23.213.160.211
x-tt-logid: 202410040018314356312F1517CDE48298
server: nginx

GET
H2

200

/ Show response
asia.adform.net/Serving/TrackPoint/
Redirect Chain

https://asia.adform.net/Serving/TrackPoint/?pm=1525281&ADFdivider=%7C&ord=604367840517&ADFtpmode=2&loc=https%3A%2F%2Fwww.12play8.win%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24
https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=1525281&ADFdivider=%7C&ord=604367840517&ADFtpmode=2&loc=https%3A%2F%2Fwww.12play8.win%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

1 KB
1 KB

202ms
201ms

Script
text/javascript

185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=1525281&ADFdivider=%7C&ord=604367840517&ADFtpmode=2&loc=https%3A%2F%2Fwww.12play8.win%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Requested by

Host: www.12play8.win
URL: https://www.12play8.win/

Protocol

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

d566f20132cf0c0753427e3fef65575be62930b53a29d4a248625e5fdbaccf02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
content-length: 795
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Fri, 04 Oct 2024 00:18:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate, no-transform
location: https://asia.adform.net/Serving/TrackPoint/?CC=1&pm=1525281&ADFdivider=%7C&ord=604367840517&ADFtpmode=2&loc=https%3A%2F%2Fwww.12play8.win%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24
pragma: no-cache
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
expires: -1
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Fri, 04 Oct 2024 00:18:31 GMT
content-type: text/html; charset=utf-8
server: nginx

GET
H2 200 /
asia.adform.net/serving/container/ Frame 6970 0
0 591ms
193ms Document
text/html 185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://asia.adform.net/serving/container/?pm=1525281&lid=156163967&ctype=0&media=0&PageName=12play8.win%2f&rnd=1848470097&cpref=&loc=https%3a%2f%2fwww.12play8.win%2f

Requested by

Host: asia.adform.net
URL: https://asia.adform.net/serving/scripts/trackpoint/async/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.12play8.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 04 Oct 2024 00:18:32 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 pixels
c1.adform.net/imatch/ Frame 25B7 0
0 80ms
20ms Document
text/html 37.157.3.26
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/imatch/pixels?bt=0&uid=5475893912794466600&agencyId=6461&advertiserId=2020492&src=tp&rnd=982350

Requested by

Host: asia.adform.net
URL: https://asia.adform.net/Serving/TrackPoint/?pm=1525281&ADFdivider=%7C&ord=604367840517&ADFtpmode=2&loc=https%3A%2F%2Fwww.12play8.win%2F&Set1=de-DE%7Cde-DE%7C1600x1200%7C24

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.26 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.12play8.win/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 04 Oct 2024 00:18:31 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding

GET
H2 200 /
asia.seadform.net/serving/cookie/sync/ 35 B
467 B 605ms
188ms Image
image/gif 185.84.60.23
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://asia.seadform.net/serving/cookie/sync/?uid=5475893912794466600&stamp=nVKLmfhgg9IDvP-67D9Y4w2

Requested by

Host: www.12play8.win
URL: https://www.12play8.win/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

185.84.60.23 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
date: Fri, 04 Oct 2024 00:18:32 GMT
content-type: image/gif
server: nginx

GET
H3 200 favicon.ico
www.12play8.win/ 1 KB
2 KB 528ms
528ms Other
image/vnd.microsoft.icon 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.12play8.win/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: acbebd1fd5514221cd4003e4373d5d110df4a9a53916dea84c548d0d32dbcb33

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: br
cf-cache-status: MISS
etag: W/"5de-59fd7a9065c33"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PdQTBZNgP7ig2fafWDFYZSm4Noi416sluv6spjbWPXfXzCb1KHLxFpzOLrLXEpw2oYuONEHcCBhwkxK8j0USQ9In2kl38XpRDB9mVU6SzmNBwJaXLvxevZkzmPpBpXNSYFc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0fecd3972dbec-FRA
date: Fri, 04 Oct 2024 00:18:33 GMT
content-type: image/vnd.microsoft.icon
last-modified: Mon, 02 Mar 2020 04:31:26 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 regional-international.png
www.12play8.win/image/ 16 KB
16 KB 814ms
813ms Image
image/png 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.12play8.win/image/regional-international.png
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/css/style_2024.css?v1.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 623c28cdfe70d5dd8be588e55ff35285886fa5de39370fc8d3b2881be1cb9f1f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/css/style_2024.css?v1.2

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "3ffc-5e692e433102b"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gTG4YHnWO8GpxwoNmsTMacuaMf2o%2BQ%2BDYXDNsNlc%2BZwiri2AaoCzvhIJn9UVRKJiiuxpYIqc4uTzB%2FUXR2k%2BhjzpQ%2BIrJiy1jbbm95dxGEDn9jaocUBJVdITn7FCYP2DKBo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0fed38a1fdbec-FRA
accept-ranges: bytes
content-length: 16380
date: Fri, 04 Oct 2024 00:18:34 GMT
content-type: image/png
last-modified: Fri, 19 Aug 2022 07:17:31 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 regional-my.png
www.12play8.win/image/ 12 KB
13 KB 549ms
548ms Image
image/png 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.12play8.win/image/regional-my.png
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/css/style_2024.css?v1.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f93fbf4a324d1e0c785f33018641e84acac0e0762bf19a954492235e72e803d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/css/style_2024.css?v1.2

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "3139-59fd7a8db836f"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hDTXk9%2BCSccH2PBquVgp0QyR4wUYAwo1cEo%2FrNUAV2ISjks7o13LgLFQPiKy2%2BOdIgI9DAmSF%2F665aoLmIqPpxnd%2FyiXOEaItNe6C1K4OQxLQm9EdUF7dIWbBQ%2B2DEeEXc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0fed38a21dbec-FRA
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 12601
date: Fri, 04 Oct 2024 00:18:34 GMT
content-type: image/png
last-modified: Mon, 02 Mar 2020 04:31:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 regional-sg.png
www.12play8.win/image/ 11 KB
12 KB 548ms
547ms Image
image/png 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.12play8.win/image/regional-sg.png
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/css/style_2024.css?v1.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b0eb765e9ce36e9c13e73d8055b0145441295c5bf294b174d3688b3bf0e7dc6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/css/style_2024.css?v1.2

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "2d31-59fd7a8db73cf"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TnFGwAJO0UHq%2FQ9dUVDxb65Tig72hPMoXWEcvE%2Ftqud758LLuLQQhvdhEaEoUswUZ3lKH%2F2SSFxU5109%2FfUndTAYTvs3fdwhnr6s%2BUMxvRXtohh1ymh0zjSoPHp160BimZY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0fed38a23dbec-FRA
accept-ranges: bytes
content-length: 11569
date: Fri, 04 Oct 2024 00:18:34 GMT
content-type: image/png
last-modified: Mon, 02 Mar 2020 04:31:23 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 regional-th.png
www.12play8.win/image/ 16 KB
17 KB 742ms
741ms Image
image/png 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.12play8.win/image/regional-th.png?v1
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/css/style_2024.css?v1.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d55071285e28dffa804053907346296b4820b1d720d02e212e1add9b5ab64962

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/css/style_2024.css?v1.2

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "418c-616aaed850a7d"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TY2VQJbnZqYoyR04SsyZmMZiImhQ86mo36oeZa2oOFi1G4lBdDfw80ZkhpPw77S%2FcsYIWYXKc9G%2F7X%2Fvr%2Fx63ZOQFAGHK1S2y3NEEeKqwkHd9Au9egRMPTI26lo0na4cED0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0fed38a25dbec-FRA
accept-ranges: bytes
content-length: 16780
date: Fri, 04 Oct 2024 00:18:34 GMT
content-type: image/png
last-modified: Mon, 22 Apr 2024 08:07:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H3 200 regional-vn.png
www.12play8.win/image/ 30 KB
30 KB 768ms
767ms Image
image/png 172.67.205.31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.12play8.win/image/regional-vn.png?v1
Requested by: Host: www.12play8.win
URL: https://www.12play8.win/css/style_2024.css?v1.2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.205.31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e70dc687caa9e276c66e692ff74704f132a3c45deb5ae06d5e8d87b0ca8b147f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/css/style_2024.css?v1.2

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status: MISS
etag: "77d3-6211aa54171c5"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zxtuklQhL1xz6xP6cmLTVwkN8iCYf2YZhJa33R38RKpdpJWwxMWIoKdjbMbT%2F8q7gsW3eKi1LBOr1XtEUXJK2hl4JggGpXO%2BhR3omQLDPFgM2EBdFwD0BA2rMTzQRVhmwsY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8cd0fed38a26dbec-FRA
accept-ranges: bytes
content-length: 30675
date: Fri, 04 Oct 2024 00:18:34 GMT
content-type: image/png
last-modified: Mon, 02 Sep 2024 03:36:25 GMT
vary: Accept-Encoding
server: cloudflare

POST
H2 204 collect
region1.google-analytics.com/g/ 0
0 18ms
17ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-P7F8RG4K6N&gtm=45je4a20v885654762za200zb832039840&_p=1728001110332&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=1572753918.1728001110&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=AEA&_s=2&sid=1728001110&sct=1&seg=0&dl=https%3A%2F%2Fwww.12play8.win%2F&dt=Best%20Online%20Casino%20Malaysia%20%7C%20Most%20Popular%20%26%20Trusted%20Casino%20Website&en=scroll&epn.percent_scrolled=90&_et=30&tfd=6727
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-P7F8RG4K6N&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer: https://www.12play8.win/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.12play8.win
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 04 Oct 2024 00:18:35 GMT
content-type: text/plain
server: Golfe2

Verdicts & Comments Add Verdict or Comment

30 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

52 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.12play8.win/	1970-01-21 00:01:27	Name: _gid Value: GA1.2.1427304057.1728001110
.12play8.win/	1970-01-21 00:00:01	Name: _gat Value: 1
.12play8.win/	1970-01-21 02:09:37	Name: _gcl_au Value: 1.1.1190250943.1728001110
.12play8.win/	1970-01-21 00:00:01	Name: _gat_UA-210862052-1 Value: 1
.12play8.win/	1970-01-21 09:36:01	Name: _ga_LS02WB5YWG Value: GS1.2.1728001110.1.0.1728001110.60.0.0
.12play8.win/	1970-01-21 09:36:01	Name: _ga Value: GA1.1.1572753918.1728001110
.12play8.win/	1970-01-21 09:36:01	Name: _ga_P7F8RG4K6N Value: GS1.1.1728001110.1.0.1728001110.0.0.0
.tiktok.com/	1970-01-21 09:21:37	Name: _ttp Value: 2mwwnCX6vqSCsLVC2LkGx0JtHZ4
.12play8.win/	1970-01-21 09:21:37	Name: _tt_enable_cookie Value: 1
.12play8.win/	1970-01-21 09:21:37	Name: _ttp Value: -2w3y9HkSSxcy0wDZzLAInBBtgU
.12play8.win/	1970-01-21 02:09:37	Name: _fbp Value: fb.1.1728001110769.981159411969470841
.adform.net/	1970-01-21 00:44:43	Name: C Value: 1
.adform.net/	1970-01-21 01:26:25	Name: uid Value: 5475893912794466600
.adform.net/	1970-01-21 00:01:27	Name: CM Value: 1\|1
.adform.net/	1970-01-21 00:20:10	Name: CM14 Value: 1728087511_1728001111_1728001111_1_Hu7u4e4e4R7u4e4REREeEREREAAA4Q
.eyeota.net/	1970-01-21 00:00:01	Name: SERVERID Value: 20821~DM
.casalemedia.com/	1970-01-21 08:45:37	Name: CMID Value: Zv80V7mqPU4AAEdZAYVtKQAA
.casalemedia.com/	1970-01-21 02:09:37	Name: CMPS Value: 3177
.casalemedia.com/	1970-01-21 02:09:37	Name: CMPRO Value: 3177
.semasio.net/	1970-01-21 08:45:37	Name: SEUNCY Value: BBB6F5D4D6139D83
.exelator.com/	1970-01-21 02:52:49	Name: EE Value: "dc1d775d44f9fdb591f80d58afa6a635"
cm.adsafety.net/	1970-01-21 08:45:37	Name: UID Value: CM12024100400c0d53f3ecfd7cef91e9
.adsafety.net/	1970-01-21 08:45:37	Name: cm_uid Value: CM12024100400c0d53f3ecfd7cef91e9
.exelator.com/	1970-01-21 02:52:49	Name: ud Value: "eJxrXxzq6XKLQSEl2TDF3Nw0xcQkzTItJcnU0jDNwiDF1CIxLdEs0czYdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIckl%252BUWb6IhfXxUUpaQyLSopPBZ%252FUKgIAyy8qbw%253D%253D"
tags.adsafety.net/	1970-01-21 08:45:37	Name: UID Value: dba10d9e4e82cc10b8bd959b156b9da4
tags.adsafety.net/	1970-01-21 08:45:37	Name: DID Value: dba10d9e4e82cc10b8bd959b156b9da4
tags.adsafety.net/	1970-01-21 08:45:37	Name: IDT Value: 100
tags.adsafety.net/	1970-01-21 08:45:37	Name: cookie_ver Value: 2
tags.adsafety.net/	1970-01-21 00:43:13	Name: block_reset Value: 1
.adsafety.net/	1970-01-21 08:45:37	Name: ct_uid Value: dba10d9e4e82cc10b8bd959b156b9da4
.adsafety.net/	1970-01-21 08:45:37	Name: ct_did Value: dba10d9e4e82cc10b8bd959b156b9da4
.adsafety.net/	1970-01-21 08:45:37	Name: ct_idt Value: 100
.adnxs.com/	1970-01-21 09:36:01	Name: receive-cookie-deprecation Value: 1
cm.adsafety.net/	1970-01-21 08:45:37	Name: permanent Value: 1
.agkn.com/	1970-01-21 08:45:37	Name: ab Value: 0001%3A9sZVzwL8wlsbsfrrPhut9JNIX49qZRiG
.adfarm1.adition.com/	1970-01-21 02:09:37	Name: UserID1 Value: 7421708263494515056
.demdex.net/	1970-01-21 04:19:13	Name: demdex Value: 84875170640724154173838157637726853748
ads.smartstream.tv/	1970-01-21 08:45:37	Name: DID Value: dba10d9e4e82cc10b8bd959b156b9da4
ads.smartstream.tv/	1970-01-21 08:45:37	Name: idt Value: 100
ads.smartstream.tv/	1970-01-21 08:45:37	Name: permanent Value: 1
ads.smartstream.tv/	1970-01-21 00:43:13	Name: cm_uid Value: CM12024100400c0d53f3ecfd7cef91e9
.w55c.net/	1970-01-21 09:30:15	Name: wfivefivec Value: GbKI4URo1SWw1G5
.w55c.net/	1970-01-21 00:43:13	Name: matchadform Value: 5
.dpm.demdex.net/	1970-01-21 04:19:13	Name: dpm Value: 84875170640724154173838157637726853748
.doubleclick.net/	1970-01-21 09:21:37	Name: IDE Value: AHWqTUnc1gyPGeegcvV7dMhPIBNJzqpR-cz2ZppM3T_rn4E6Rp5M4Nws07JEJLactQE
.weborama.fr/	1970-01-21 09:25:56	Name: AFFICHE_W Value: x6@5jQNMvsPH56
cm.adsafety.net/	1970-01-21 08:45:37	Name: cache0 Value: KzFHSk9wMUZsMkpMMjlsMzBXenlaL0c2bHlBZ1FYSllJWjFNL3U3RGZlY1BVWXNmUmUvRVBkYm1VZE5rMmtwWkpoR0dHQVpCN3RKNW04NHRtYy8yWjFmQXh3a1VnNHZSY0IxVk94NDVubEZBcTJlQ3hJYUl5WHZ5OWpMU25STkhEd0E2Y1dubWlhbEFpcTgvRnF1N09uY1dkN0REQW5lQ2tscTJPMzJxNlJlUTFTVW95d3VNcElQcnlTSEpkdkR1SldsRFUyeGplQlUzbDNtSGFpNGl0MS9NREhNUU9UK2prSW91R0hSWWhDYmM2T3gyeisrUVg1a0l2dEpKY3I1UkdYU3R2WGdkdUVvbHpEZzQ2RkNTdnNyRnlLdnFUY2VWTnlxdnlQakFXanZPSkR1aTdxdG9pakRXc3BUVTh1WEplUGxFWTB6L0tYa0Y3UU5rSzBreURoTHo4bVY5L3dXalhVb3BCb2JIVWd0S3YyVXdwOVhNQjBpWUpwVEhhUWtmdmwydkhIa0pWRm1PNk1ncHIyNmNleE9PVWUvVElkZENIMEpaQlF3OTByNUtaMWVmN0NXb0Z1bTIzZzN3MVpHTTZMektYZFJUa04xdmxjcEJmTDRhNVpHTmhqNzVBM1lXRDBJRVJNR0dyNUpKTndGYXVXdHZxdDQ2ZjQrYzBmUndxRFlENGJmTVV5clkzckxsUmNuQ0NHYUxkdDVNd0QyL2FVK1V5RGNmbjJqOVFXS1lHRFJHbzZOT3hjQkJzY1JWRm1ReUliczA2VnBEQnRqN3RERGR5NzZUbEV6V1l1ekZmRmN1dnZxcnAzdVhaMWdSZlNYa2p5d3Y4aGo5TnhBWVljNnlVNWZLT0RHSm1qdXRHbjF6ZmFxWkVrWmdnZGUxZ3g1ejRPK2d5RDFOelNhMTU3YUhhK2NHUVZCd1NQeXpna0l1cWQvZk1iaTN0RmYwMEpqOXpDZFJMWXluL3l4UTZDbG9qTW5yK0tGZ0c5a09aMjhNUmduSnEzQTBjRkltOXlqOVpzbnk2NERBWm5GREliMXV5STdmb3l3SUZ5eWU1Qmx2ZDIxTzhqSWJIV3dKQlZvOEpZV25EY1dISTd4OStWV1JTTitoY2VRSWJOMExoUm5mbXc9PQ%3D%3D
.onaudience.com/	1970-01-21 00:01:27	Name: done_redirects147 Value: 1
.onaudience.com/	1970-01-21 08:45:37	Name: cookie Value: 4046c8e33ecb650c
.onaudience.com/	1970-01-21 00:01:27	Name: done_redirects252 Value: 1
.seadform.net/	1970-01-21 01:26:28	Name: uid Value: 5475893912794466600
tsyndicate.com/	1970-01-21 08:45:37	Name: ts_rt_0ebd2fa6-d86b-4c51-976e-f848181d80b7 Value: AAMC

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

12play8.win
analytics.tiktok.com
asia.adform.net
asia.seadform.net
c1.adform.net
connect.facebook.net
fonts.googleapis.com
region1.analytics.google.com
region1.google-analytics.com
s2.adform.net
stats.g.doubleclick.net
td.doubleclick.net
www.12play8.win
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
142.250.185.131
157.240.253.1
172.67.205.31
185.84.60.23
2001:4860:4802:32::36
216.239.38.178
216.58.212.168
23.213.161.209
2a00:1450:4001:802::2008
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:400c:c1f::9d
2a03:2880:f176:181:face:b00c:0:25de
37.157.3.26
37.157.4.21
0f93fbf4a324d1e0c785f33018641e84acac0e0762bf19a954492235e72e803d
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1217ded1b9e773ba37f66545b6389271393639a4a471bd57d00bd59e3846e681
16b7fc1c97494f5e4163f020876138860ac476c081d3aaadfd21370dbf0da34b
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
24dd9cfc822c1bffde89a5219561add9c107cd834ecaaaef1e647d9cfaba6b73
2b0eb765e9ce36e9c13e73d8055b0145441295c5bf294b174d3688b3bf0e7dc6
2f8d728d935edbf2aeae36b6b3d96634885dbd474ddd1cc7d80711449109221b
3fab98a127a8cba049fa0552692f70b455b078103dea0573a1389f32f09732f0
430a8f10dbf164bdd7cf125cd1df6327bcad5012f286d3d1a97ba2e49e0194db
455aebaaf8d55a159ee04306336c8774eddb4dd3afda9c31af1aabe63e4ce670
48ba1993011db4834882d81b2153753437607292f704a6543d4466c0f6d1372a
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
5d0c8e6750566b23e31d0a32be73280f46101a9c0eb3a845698b2b326263a185
623c28cdfe70d5dd8be588e55ff35285886fa5de39370fc8d3b2881be1cb9f1f
67b6584af0fff14908d8f05c0eb9d59cb809da113feffd197f3ddb38a779ea45
6907a8ba316ef256270d51ec81529061896805bc4bbc7724af13bcbbf1de9267
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a37ccbfd31eae54db7e41868d5013f3f4b654b03f70bcb7563fd1ed264193d9
8ddc6cbdb63a791bfc33f40d4b0a250a18e85e0ae93f72389ebda9242bef010d
8e9945d7ebf431506391edb3431741c9007f4248bbb09dd451f54d67da1ef01e
92c2f2fd33ed1a41bf26eba048d51fb9e86a7b21b42864a18b2c996052044c37
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
acbebd1fd5514221cd4003e4373d5d110df4a9a53916dea84c548d0d32dbcb33
d55071285e28dffa804053907346296b4820b1d720d02e212e1add9b5ab64962
d566f20132cf0c0753427e3fef65575be62930b53a29d4a248625e5fdbaccf02
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e38785a7de9cc85180bf216f2539917fe6d1c98a2a4a3a9ba892060590c5146e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f64f5535f6baff1d54c4d8ef736fdef69d64fcd60892ad368e8a04c4cf37c5
e70dc687caa9e276c66e692ff74704f132a3c45deb5ae06d5e8d87b0ca8b147f
e935850eea4e84915b844bb4e39d3392331c244be32a9c61b7ca0d3af7681f0b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3392e911ed7644ca46a69ddc76dbf8149d3e3395a2082ad62d3c4080cf3ba41
f4a81188ed52f08fc993a9943b68a803eb350c9fdee0415e2c7c99d32c494769
f94d86a6827362a2244e111392504c5be9132fb567c3baf471a87f64001f23a8

www.12play8.win Open in urlscan Pro 172.67.205.31 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

49 Requests

96 %HTTPS

44 %IPv6

12 Domains

17 Subdomains

16 IPs

4 Countries

3193 kBTransfer

5032 kBSize

52 Cookies

0 Outgoing links

Page URL History

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.12play8.win Open in urlscan Pro
172.67.205.31 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

96 %
HTTPS

44 %
IPv6

12
Domains

17
Subdomains

16
IPs

4
Countries

3193 kB
Transfer

5032 kB
Size

52
Cookies

49 HTTP transactions
0 data transactions