winpalace88.fyi.balakplayy.com Open in urlscan Pro
162.240.144.230 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://winpalace88.fyi.balakplayy.com/
Submission: On November 21 via api (November 21st 2024, 5:13:42 pm UTC) from US — Scanned from DE

Summary HTTP 49 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 49 HTTP transactions. The main IP is 162.240.144.230, located in United States and belongs to UNIFIEDLAYER-AS-1, US. The main domain is winpalace88.fyi.balakplayy.com.
TLS certificate: Issued by cPanel ECC Domain Validation Secure S... on October 22nd 2024. Valid for: 3 months.

This is the only time winpalace88.fyi.balakplayy.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
33	162.240.144.230 162.240.144.230	46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
2	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
1	216.58.206.67 216.58.206.67	15169 (GOOGLE) (GOOGLE)
4	142.250.185.129 142.250.185.129	15169 (GOOGLE) (GOOGLE)
2	157.240.253.35 157.240.253.35	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
49	10

33 162.240.144.230 (United States)

ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: 162-240-144-230.unifiedlayer.com

winpalace88.fyi.balakplayy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.67 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s08-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.129 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f1.1e100.net

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.253.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra5.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	balakplayy.com winpalace88.fyi.balakplayy.com	1 MB
8	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 527	151 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	76 KB
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 36	600 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	1 KB
1	gstatic.com fonts.gstatic.com	47 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	1 KB
49	8

	Domain	Requested by
33	winpalace88.fyi.balakplayy.com	winpalace88.fyi.balakplayy.com
8	cdn.ampproject.org	winpalace88.fyi.balakplayy.com cdn.ampproject.org
2	www.facebook.com	winpalace88.fyi.balakplayy.com
2	connect.facebook.net	winpalace88.fyi.balakplayy.com connect.facebook.net
1	www.google-analytics.com	winpalace88.fyi.balakplayy.com
1	www.googletagmanager.com	cdn.ampproject.org
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	winpalace88.fyi.balakplayy.com
49	8

This site contains links to these domains. Also see Links.

Domain
winpalace88.fyi
direct.lc.chat
www.emailmeform.com
googleid.fyi
api.whatsapp.com
t.me
line.me

Subject Issuer	Validity	Valid
winpalace88.fyi cPanel ECC Domain Validation Secure Server CA 3	`2024-10-22` - `2025-01-20`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
misc-sni.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-08-30` - `2024-11-28`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://winpalace88.fyi.balakplayy.com/
Frame ID: 4A5867E7FB03B4907D5AC531E1BCDA98
Requests: 55 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Winpalace88 Agen Bola Terpercaya, Situs Club388 Slot dan Sabung Ayam Terbaik di Indonesia

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

Page Statistics

49
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

8
Subdomains

10
IPs

2
Countries

1706 kB
Transfer

2375 kB
Size

2
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: https://winpalace88.fyi/

Search URL Search Domain Scan URL

URL: https://direct.lc.chat/7497971/
Title: Live Chat

Search URL Search Domain Scan URL

URL: https://www.emailmeform.com/builder/form/866r7ajM21ib8x41zbBwdlbC
Title: DAFTAR

Search URL Search Domain Scan URL

URL: https://www.emailmeform.com/builder/form/9nr7M74dU8kB
Title: DEPOSIT

Search URL Search Domain Scan URL

URL: https://www.emailmeform.com/builder/form/G4xcBeTWtAee81w26945RQ
Title: WITHDRAW

Search URL Search Domain Scan URL

URL: https://googleid.fyi/totovip2
Title: TOTO 4D

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=855717512999&text=Selamat%20Datang%20di%20Winpalace88
Title: +855-717512999

Search URL Search Domain Scan URL

URL: https://api.whatsapp.com/send?phone=855318500999&text=Selamat%20Datang%20di%20Winpalace88
Title: +855-318500999

Search URL Search Domain Scan URL

URL: https://t.me/@winpalace88
Title: @winpalace88

Search URL Search Domain Scan URL

URL: http://line.me/ti/p/~@winpalace88
Title: @winpalace88

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

49 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
winpalace88.fyi.balakplayy.com/ 42 KB
11 KB 1044ms
157ms Document
text/html 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 720ae59024e200627bf4e773a0681be24619b7ddf4ae8d40443e31c0911a7a59

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 11278
Content-Type: text/html; charset=UTF-8
Date: Thu, 21 Nov 2024 17:13:34 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Vary: Accept-Encoding,User-Agent

GET
H2 200 css2
fonts.googleapis.com/ 9 KB
1 KB 153ms
21ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;600;700;800&display=swap

Requested by

Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f44038948c5a104bcf9f5938dea359cda2ba0f1912ee2893864245a2e1cb5802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 17:13:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 17:13:34 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 17:13:34 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 278 KB
72 KB 152ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: br
etag: "6cd5bd85d22351ce"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 17:13:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 17:13:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=3000, stale-while-revalidate=1206600
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 73112
x-xss-protection: 0
server: sffe

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
32 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

338328dedc97f4e8af0f96a11f4277add199f68669d1538cf9bb00e7d7e4761d

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: br
etag: "0fb6a320dcd73fbe"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 17:13:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 17:13:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 32184
x-xss-protection: 0
server: sffe

GET
H2 200 amp-sidebar-0.1.js Show response
cdn.ampproject.org/v0/ 31 KB
9 KB 26ms
21ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sidebar-0.1.js

Requested by

Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ac498c33fba0e0be977df8bb06207fd1bbd2892ddd33d0dfa5e48838e5a7e81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: br
etag: "e8f022bde01b1e0a"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 17:13:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 17:13:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 9629
x-xss-protection: 0
server: sffe

GET
H2 200 amp-carousel-0.1.js Show response
cdn.ampproject.org/v0/ 38 KB
11 KB 34ms
29ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-carousel-0.1.js

Requested by

Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b26e9d1dd9dffd00871f9994bf1248edb1fe4faafc99196c91fb5176000593e8

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: br
etag: "9925a53ff9d805bc"
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 17:13:34 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 17:13:34 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: private, max-age=604800, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 11524
x-xss-protection: 0
server: sffe

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 132ms
14ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-rVuKfnEi' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 17:13:34 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-rVuKfnEi' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4585, tp=12, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: rVzCEdppxmvAujzZoF/HXH8TJPCjJ2uDogyDqSjbPDhfapKq1FcJcqQejfDMHhaKWc4UzlhSMPSh9pLbsZ8olw==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK bg.webp
winpalace88.fyi.balakplayy.com/images/ 62 KB
63 KB 151ms
150ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/bg.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: df5fbc48e6b25fda0e3bdeb9a1f2f582130aa5d5ecdff4c8478d6a3efbc7097e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 63738
Keep-Alive: timeout=5, max=99
Date: Thu, 21 Nov 2024 17:13:34 GMT
Last-Modified: Sun, 28 Aug 2022 19:39:10 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H3 200 1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v34/ 47 KB
47 KB 127ms
12ms Font
font/woff2 216.58.206.67
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v34/1Ptug8zYS_SKggPNyC0ITw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@400;500;600;700;800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.67 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s08-in-f3.1e100.net

Software

sffe /

Resource Hash

47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://winpalace88.fyi.balakplayy.com
Referer: https://fonts.googleapis.com/

Response headers

age: 110711
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 10:28:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 10:28:23 GMT
last-modified: Wed, 01 May 2024 20:31:48 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48336
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 83 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9930e5951e85a0e2382c9547c2c9301c4aa0e1091a3e2ec83efc3c9a47763c2e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 660edb4fb3cbfeddbdedc5c7dae317f22fdd19e56f305e3a2024f152974dfb14

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 417d52512644c1c23d0e639990c258c14c2aedc8832aa25d863b4fc12dc547c4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09f12fbf2438dadde94f31c0bacf97f2285a0634df655de98b16728464802f34

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H/1.1 200
OK logo.webp
winpalace88.fyi.balakplayy.com/images/ 8 KB
8 KB 922ms
155ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/logo.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 4397bf942feac4b8d0b4d04778062442df6a8f72262bf0701ae108b7be529aaa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 7853
Keep-Alive: timeout=5, max=98
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Sun, 28 Aug 2022 13:46:14 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK chat-processing.svg
winpalace88.fyi.balakplayy.com/images/icon/ 300 B
524 B 921ms
153ms Image
image/svg+xml 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/chat-processing.svg
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: a570dc2b280ef63fd8918f940448c17e708845c98ed833f1f49683606c8d52e1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 221
Keep-Alive: timeout=5, max=98
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Wed, 24 Aug 2022 23:35:46 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/svg+xml

GET
H/1.1 200
OK android-logo.svg
winpalace88.fyi.balakplayy.com/images/icon/ 3 KB
2 KB 1026ms
143ms Image
image/svg+xml 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/android-logo.svg
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 8f4fb8647e30e9a6f882f3b39086a0136dbb4237b47912ba23ae06795ce6c712

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1324
Keep-Alive: timeout=5, max=98
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Wed, 24 Aug 2022 23:37:58 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/svg+xml

GET
H/1.1 200
OK Daftar-Deposit-Withdraw.webp
winpalace88.fyi.balakplayy.com/images/ 17 KB
17 KB 1033ms
149ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/Daftar-Deposit-Withdraw.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: da728de2b0de0066a11b124751371e49368877f3f7a3b50f835c583a19a8f10b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 16866
Keep-Alive: timeout=5, max=98
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Fri, 25 Oct 2024 05:54:50 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK Partner-Games.webp
winpalace88.fyi.balakplayy.com/images/ 13 KB
13 KB 1034ms
148ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/Partner-Games.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 9ce1a79bf89dbb4d58406e0414e3f5945617db40d9f2fb89192901ef49bdd0ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 13163
Keep-Alive: timeout=5, max=98
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Fri, 25 Oct 2024 05:54:50 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK CS-24-Jam.webp
winpalace88.fyi.balakplayy.com/images/ 17 KB
17 KB 439ms
150ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/CS-24-Jam.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 089f34f67f2486fe8e6ae8a8b7bd4dbbe143d5f2823edbeed5152b23523ce7f6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 16860
Keep-Alive: timeout=5, max=100
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Fri, 25 Oct 2024 05:54:50 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK Agen-Bola-Terpercaya-Winpalace88.gif
winpalace88.fyi.balakplayy.com/images/ 956 KB
956 KB 376ms
145ms Image
image/gif 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/Agen-Bola-Terpercaya-Winpalace88.gif
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 5f80793d1d64081fefb2b5f4ffaf2588fae7a0e66993aef3f91761593043a87b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 978736
Keep-Alive: timeout=5, max=98
Date: Thu, 21 Nov 2024 17:13:34 GMT
Last-Modified: Wed, 23 Oct 2024 09:52:15 GMT
Content-Type: image/gif
Server: Apache

GET
H/1.1 200
OK whatsapp2.svg
winpalace88.fyi.balakplayy.com/images/icon/ 479 B
632 B 153ms
148ms Image
image/svg+xml 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/whatsapp2.svg
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 0640bf951e01038bff3076cff333580f2f74873ce63ebc4edbfda45ed154edb5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 329
Keep-Alive: timeout=5, max=97
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Sun, 28 Aug 2022 21:28:54 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/svg+xml

GET
H/1.1 200
OK telegram.svg
winpalace88.fyi.balakplayy.com/images/icon/ 419 B
596 B 147ms
147ms Image
image/svg+xml 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/telegram.svg
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: f6739feea9269ef75fa5c600987ea7dab06544d656faa3e5af899d1f1ad6ff62

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 293
Keep-Alive: timeout=5, max=97
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Sun, 28 Aug 2022 21:28:48 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/svg+xml

GET
H/1.1 200
OK line.svg
winpalace88.fyi.balakplayy.com/images/icon/ 478 B
628 B 146ms
145ms Image
image/svg+xml 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/line.svg
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 17a62dcf79296d1183ed4ed3d93c266782e1e97321c7a89c557392c45eaaf4da

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 325
Keep-Alive: timeout=5, max=97
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Sun, 28 Aug 2022 21:27:22 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/svg+xml

GET
H/1.1 200
OK ovo.webp
winpalace88.fyi.balakplayy.com/images/icon/ 758 B
1 KB 144ms
144ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/ovo.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 22965ed1dd72be6f2681a818cbfb46216519808c45889dc065a034e8e7b7bdcc

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 781
Keep-Alive: timeout=5, max=97
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Mon, 05 Sep 2022 20:44:42 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK gopay.webp
winpalace88.fyi.balakplayy.com/images/icon/ 2 KB
2 KB 144ms
144ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/gopay.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 97128402b647c494176722994fd11950cec92524cb4f100507f8e0ef23b85989

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 1370
Keep-Alive: timeout=5, max=97
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Mon, 05 Sep 2022 20:44:00 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK telkomsel.webp
winpalace88.fyi.balakplayy.com/images/icon/ 804 B
1 KB 143ms
143ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/telkomsel.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: fc86eb7ed61cc6b9cba39e5d23c7b16f0dfedc42bd865b9f38a93dae8bfd2a9e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 827
Keep-Alive: timeout=5, max=97
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Mon, 05 Sep 2022 20:44:56 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK xl.webp
winpalace88.fyi.balakplayy.com/images/icon/ 804 B
1 KB 144ms
144ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/xl.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 3b5d9d0bd0ab8daa324d856a2d32de3ec3e31c8ebc28d1d39af78347a496ad69

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 827
Keep-Alive: timeout=5, max=96
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Mon, 05 Sep 2022 20:45:40 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK tri.webp
winpalace88.fyi.balakplayy.com/images/icon/ 746 B
1 KB 150ms
150ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/tri.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 30ea4c91a0093b7a94230f30a8425bab37ccedceaef4b552e97ffede2d259b93

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 769
Keep-Alive: timeout=5, max=96
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Mon, 05 Sep 2022 20:45:18 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK bca.webp
winpalace88.fyi.balakplayy.com/images/icon/ 812 B
1 KB 147ms
147ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/bca.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 626bac25c8200ed646467cb5542b7349d7195a23c000258f455afe7a61165ad7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 835
Keep-Alive: timeout=5, max=96
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Mon, 05 Sep 2022 20:27:40 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK mandiri.webp
winpalace88.fyi.balakplayy.com/images/icon/ 668 B
991 B 145ms
145ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/mandiri.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 5f709439a720ca1dd1472d5681de730c0b24a01e8f9f3159e6a8899bc9e33b35

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 691
Keep-Alive: timeout=5, max=96
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Mon, 05 Sep 2022 20:44:14 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK bni.webp
winpalace88.fyi.balakplayy.com/images/icon/ 834 B
1 KB 155ms
155ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/bni.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 17aa1127307812155b5f3ba2a09f955fbb9129b1e8f945e1246fce9401cb89ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 857
Keep-Alive: timeout=5, max=96
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Mon, 05 Sep 2022 20:43:06 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK bri.webp
winpalace88.fyi.balakplayy.com/images/icon/ 898 B
1 KB 153ms
153ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/bri.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 317343e1124886cafa77042fbf8df51ce7b9cf28914c8297900408d826139ea9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 921
Keep-Alive: timeout=5, max=96
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Mon, 05 Sep 2022 20:43:26 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK danamon.webp
winpalace88.fyi.balakplayy.com/images/icon/ 634 B
957 B 145ms
145ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/danamon.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 48ea780defb1488799fad0e59f95927e245f0bcb43fefa5dbd40a94150b58405

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 657
Keep-Alive: timeout=5, max=95
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Mon, 05 Sep 2022 20:43:42 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012410292120000/v0/ 8 KB
3 KB 17ms
16ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://winpalace88.fyi.balakplayy.com
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: br
etag: "f0f2b169fa87a905"
age: 29591
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 09:00:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 09:00:23 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 2970
x-xss-protection: 0
server: sffe

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012410292120000/v0/ 12 KB
4 KB 17ms
16ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://winpalace88.fyi.balakplayy.com
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: br
etag: "b22012622c63a36b"
age: 255898
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 18:08:36 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 18:08:36 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 3929
x-xss-protection: 0
server: sffe

GET
DATA 200
OK truncated
/ 152 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 149 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H3 200 4675014539391177 Show response
connect.facebook.net/signals/config/ 76 KB
15 KB 174ms
173ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/4675014539391177?v=2.9.176&r=stable&domain=winpalace88.fyi.balakplayy.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

1e8581a11e604235b0789a140ce2d48100752704e0b7b1a2c1ce1809115d3bb7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-M99ucRdV' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 17:13:35 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-M99ucRdV' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=7, rtx=0, c=69, mss=1232, tbw=70441, tp=68, tpl=0, uplat=160, ullat=0
pragma: public
x-fb-debug: b9pgLxrdIDEzquu3ry5SsEas6AKHgQjPRayeg2mlovyfpLgFcm5TtnKK6yKKfVBtNCWklKii7OM4kW7/wgcsvQ==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H/1.1 200
OK IDN-Poker-Winpalace88.webp
winpalace88.fyi.balakplayy.com/images/ 45 KB
45 KB 484ms
168ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/IDN-Poker-Winpalace88.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 045b8b4698824663779ea09af38a94559de38db4ccb007fd1bd99627f20e46d1

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 46043
Keep-Alive: timeout=5, max=99
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Fri, 25 Oct 2024 00:51:54 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK Selamat-Datang-di-Winpalace88.webp
winpalace88.fyi.balakplayy.com/images/ 66 KB
67 KB 461ms
149ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/Selamat-Datang-di-Winpalace88.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 1b88d65836b64ca21a9f96461492602b39065d2d509b8986921f7e6aefee7d6f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Transfer-Encoding: chunked
Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Thu, 24 Oct 2024 05:56:51 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK Menerima-Deposit-Via.webp
winpalace88.fyi.balakplayy.com/images/ 61 KB
61 KB 485ms
169ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/Menerima-Deposit-Via.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 720c625971ef2c979a596e9d3dc9f78ecaa4e0c40baa94dd558a0eb459f498ff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 62248
Keep-Alive: timeout=5, max=99
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Thu, 24 Oct 2024 06:26:52 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK IDN-Tripoker.webp
winpalace88.fyi.balakplayy.com/images/ 8 KB
9 KB 484ms
152ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/IDN-Tripoker.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 19e3df890c197a50ca708542b8042788357e7df53cc4ff2777a5022f4f56f92b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 8653
Keep-Alive: timeout=5, max=99
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Wed, 23 Oct 2024 09:51:41 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK Sportsbook.webp
winpalace88.fyi.balakplayy.com/images/ 21 KB
21 KB 175ms
148ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/Sportsbook.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 0f56a8d908950042a313a92ab0ffe995d6a735eb61d8db1595ae1d527ddb0cd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 21123
Keep-Alive: timeout=5, max=100
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Wed, 23 Oct 2024 09:51:42 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK Slot-Online.webp
winpalace88.fyi.balakplayy.com/images/ 21 KB
22 KB 186ms
159ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/Slot-Online.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 70f1ec8eb7c601881c3fdd25229dd1c732505b332023d5fd3c87b14a80f40eb7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 21745
Keep-Alive: timeout=5, max=100
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Wed, 23 Oct 2024 09:51:42 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK Totovip.webp
winpalace88.fyi.balakplayy.com/images/ 17 KB
17 KB 484ms
153ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/Totovip.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 0c7ba5d73b10021ab9b73821930a8d0af1842c08af4409fd14da60a2afa728ad

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 17159
Keep-Alive: timeout=5, max=99
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Wed, 23 Oct 2024 09:51:42 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK Live-Casino.webp
winpalace88.fyi.balakplayy.com/images/ 16 KB
17 KB 181ms
153ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/Live-Casino.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 39ab84c7b1ef9113a1324bb381be3811aa82833155954df2f99b3aef6ea7edaa

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 16675
Keep-Alive: timeout=5, max=100
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Wed, 23 Oct 2024 09:51:42 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK Sabung-Ayam.webp
winpalace88.fyi.balakplayy.com/images/ 14 KB
15 KB 186ms
158ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/Sabung-Ayam.webp
Requested by: Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: e99c4dacefb8663ee3eff52ae28f9e592503929dab73042fe57ea77e72327b2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 14703
Keep-Alive: timeout=5, max=100
Date: Thu, 21 Nov 2024 17:13:35 GMT
Last-Modified: Wed, 23 Oct 2024 09:51:42 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 134ms
20ms Image
text/plain 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=4675014539391177&ev=PageView&dl=https%3A%2F%2Fwinpalace88.fyi.balakplayy.com%2F&rl=&if=false&ts=1732209215105&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732209215094.494285249721102357&cs_est=true&ler=empty&cdl=API_unavailable&it=1732209214900&coo=false&rqm=GET

Requested by

Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=16, rtx=0, c=23, mss=1232, tbw=4576, tp=12, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Thu, 21 Nov 2024 17:13:35 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 331ms
220ms Image
image/png 157.240.253.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=4675014539391177&ev=PageView&dl=https%3A%2F%2Fwinpalace88.fyi.balakplayy.com%2F&rl=&if=false&ts=1732209215105&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1732209215094.494285249721102357&cs_est=true&ler=empty&cdl=API_unavailable&it=1732209214900&coo=false&rqm=FGET

Requested by

Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.253.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra5.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7439781929991340561"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Thu, 21 Nov 2024 17:13:35 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: iQdss4g/wlUypLaraOUwc8DMHAaa+ztV4pAuBUJkE4+zzOyXbUtexuJUjCwb6ETcvnd4WLar0gknFkv/QzDiJw==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7439781929991340561", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=17, rtx=0, c=23, mss=1232, tbw=4944, tp=15, tpl=0, uplat=210, ullat=0
cross-origin-opener-policy: same-origin-allow-popups
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 amp-lightbox-gallery-0.1.js Show response
cdn.ampproject.org/rtv/012410292120000/v0/ 65 KB
19 KB 8ms
7ms Script
text/javascript 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/amp-lightbox-gallery-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

9a5f4bb76f0526e81632d7ad1ca1e18966e18b8efc31198ca42bc88a457fcd2f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://winpalace88.fyi.balakplayy.com
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: br
etag: "1437bde9256d11de"
age: 232603
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Wed, 19 Nov 2025 00:36:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Tue, 19 Nov 2024 00:36:52 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 19034
x-xss-protection: 0
server: sffe

GET
H3 200 gtag.json Show response
cdn.ampproject.org/rtv/012410292120000/v0/analytics-vendors/ 3 KB
956 B 10ms
9ms Fetch
application/json 142.250.185.129
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012410292120000/v0/analytics-vendors/gtag.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.129 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f1.1e100.net

Software

sffe /

Resource Hash

0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

content-encoding: br
etag: "d438f510ee063240"
age: 250348
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
x-content-type-options: nosniff
expires: Tue, 18 Nov 2025 19:41:07 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 18 Nov 2024 19:41:07 GMT
content-type: application/json
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
content-length: 926
x-xss-protection: 0
server: sffe

POST
H2 200 amp Show response
www.googletagmanager.com/gtag/ 689 B
1 KB 83ms
15ms Fetch
application/json 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/amp?__amp_source_origin=https%3A%2F%2Fwinpalace88.fyi.balakplayy.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbec4cbad5cb5cb5b5a048ae42a6c690f5d933ec05b8b2d35f8a1376d3e03acf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://winpalace88.fyi.balakplayy.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Accept: application/json
Content-Type: text/plain;charset=utf-8

Response headers

access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:822:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 17:13:35 GMT
content-type: application/json; charset=UTF-8
content-disposition: attachment; filename="amp.json"
vary: *
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:822:0
amp-access-control-allow-source-origin: https://winpalace88.fyi.balakplayy.com
access-control-allow-origin: https://winpalace88.fyi.balakplayy.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 304
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 collect
www.google-analytics.com/ 35 B
600 B 59ms
7ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=a1&ds=AMP&aip&_s=1&dt=Winpalace88%20Agen%20Bola%20Terpercaya%2C%20Situs%20Club388%20Slot%20dan%20Sabung%20Ayam%20Terbaik%20di%20Indonesia&sr=1600x1200&cid=amp-S_k1EBSxziKOT5uNzd3qYA&tid=UA-160820735-84&dl=https%3A%2F%2Fwinpalace88.fyi.balakplayy.com%2F&dr=&sd=24&ul=de-de&de=UTF-8&t=pageview&jid=0.2588810176978824&gjid=0.6299403778452219&_r=1&a=6932&z=0.44479674978994055&gtm=45De1110

Requested by

Host: winpalace88.fyi.balakplayy.com
URL: https://winpalace88.fyi.balakplayy.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

age: 44744
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options: nosniff
expires: Mon, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 04:47:51 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 35
server: Golfe2

GET
H/1.1 200
OK favicon.webp
winpalace88.fyi.balakplayy.com/images/icon/ 5 KB
5 KB 145ms
145ms Other
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://winpalace88.fyi.balakplayy.com/images/icon/favicon.webp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: db95069a7558da67f33f2feafb5f6ba5a7037131975cdd8f41d27423bbfee6d0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 4428
Keep-Alive: timeout=5, max=94
Date: Thu, 21 Nov 2024 17:13:36 GMT
Last-Modified: Sat, 03 Sep 2022 21:07:42 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

GET
H/1.1 200
OK Bonus-Cashback-Terbesar.webp
winpalace88.fyi.balakplayy.com/images/ 57 KB
53 KB 151ms
151ms Image
image/webp 162.240.144.230
UNIFIEDLAYER-AS-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://winpalace88.fyi.balakplayy.com/images/Bonus-Cashback-Terbesar.webp
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.240.144.230 , United States, ASN46606 (UNIFIEDLAYER-AS-1, US),
Reverse DNS: 162-240-144-230.unifiedlayer.com
Software: Apache /
Resource Hash: 74590217eb3e6982afed79f6f485494823eec6087beedf6e94805c792cf3f315

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://winpalace88.fyi.balakplayy.com/

Response headers

Content-Encoding: gzip
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 53652
Keep-Alive: timeout=5, max=93
Date: Thu, 21 Nov 2024 17:13:40 GMT
Last-Modified: Wed, 23 Oct 2024 08:09:14 GMT
Vary: Accept-Encoding,User-Agent
Server: Apache
Content-Type: image/webp

Verdicts & Comments Add Verdict or Comment

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.balakplayy.com/	1970-01-21 03:19:45	Name: _fbp Value: fb.1.1732209215094.494285249721102357
			.balakplayy.com/	1970-01-21 09:55:45	Name: _ga Value: amp-S_k1EBSxziKOT5uNzd3qYA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.ampproject.org
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
winpalace88.fyi.balakplayy.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
142.250.185.129
157.240.0.6
157.240.253.35
162.240.144.230
216.58.206.67
2a00:1450:4001:800::200a
2a00:1450:4001:801::200e
2a00:1450:4001:80b::2001
2a00:1450:4001:813::2008
045b8b4698824663779ea09af38a94559de38db4ccb007fd1bd99627f20e46d1
0640bf951e01038bff3076cff333580f2f74873ce63ebc4edbfda45ed154edb5
089f34f67f2486fe8e6ae8a8b7bd4dbbe143d5f2823edbeed5152b23523ce7f6
09f12fbf2438dadde94f31c0bacf97f2285a0634df655de98b16728464802f34
0c7ba5d73b10021ab9b73821930a8d0af1842c08af4409fd14da60a2afa728ad
0cdc1d09aac29df4b32648b075b088d83174193624fe3c219cfd777692c9ba81
0f56a8d908950042a313a92ab0ffe995d6a735eb61d8db1595ae1d527ddb0cd7
17a62dcf79296d1183ed4ed3d93c266782e1e97321c7a89c557392c45eaaf4da
17aa1127307812155b5f3ba2a09f955fbb9129b1e8f945e1246fce9401cb89ad
19e3df890c197a50ca708542b8042788357e7df53cc4ff2777a5022f4f56f92b
1b88d65836b64ca21a9f96461492602b39065d2d509b8986921f7e6aefee7d6f
1e8581a11e604235b0789a140ce2d48100752704e0b7b1a2c1ce1809115d3bb7
22965ed1dd72be6f2681a818cbfb46216519808c45889dc065a034e8e7b7bdcc
2acdbf0259b3538b9f9408713e13677daca0d9e77c3887031c618b9aa7fa28ce
30ea4c91a0093b7a94230f30a8425bab37ccedceaef4b552e97ffede2d259b93
317343e1124886cafa77042fbf8df51ce7b9cf28914c8297900408d826139ea9
338328dedc97f4e8af0f96a11f4277add199f68669d1538cf9bb00e7d7e4761d
39ab84c7b1ef9113a1324bb381be3811aa82833155954df2f99b3aef6ea7edaa
3b5d9d0bd0ab8daa324d856a2d32de3ec3e31c8ebc28d1d39af78347a496ad69
417d52512644c1c23d0e639990c258c14c2aedc8832aa25d863b4fc12dc547c4
4397bf942feac4b8d0b4d04778062442df6a8f72262bf0701ae108b7be529aaa
47d477915fa5912616e2dc5df8c5780f9202671678cf275472bd39f3381c0098
48ea780defb1488799fad0e59f95927e245f0bcb43fefa5dbd40a94150b58405
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
5f709439a720ca1dd1472d5681de730c0b24a01e8f9f3159e6a8899bc9e33b35
5f80793d1d64081fefb2b5f4ffaf2588fae7a0e66993aef3f91761593043a87b
626bac25c8200ed646467cb5542b7349d7195a23c000258f455afe7a61165ad7
660edb4fb3cbfeddbdedc5c7dae317f22fdd19e56f305e3a2024f152974dfb14
70f1ec8eb7c601881c3fdd25229dd1c732505b332023d5fd3c87b14a80f40eb7
720ae59024e200627bf4e773a0681be24619b7ddf4ae8d40443e31c0911a7a59
720c625971ef2c979a596e9d3dc9f78ecaa4e0c40baa94dd558a0eb459f498ff
7326dfdb6af366b254ec02068d53c0a781e9ed98487a9fb05dad9d15bfcd237b
74590217eb3e6982afed79f6f485494823eec6087beedf6e94805c792cf3f315
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ac498c33fba0e0be977df8bb06207fd1bbd2892ddd33d0dfa5e48838e5a7e81
8f4fb8647e30e9a6f882f3b39086a0136dbb4237b47912ba23ae06795ce6c712
97128402b647c494176722994fd11950cec92524cb4f100507f8e0ef23b85989
9930e5951e85a0e2382c9547c2c9301c4aa0e1091a3e2ec83efc3c9a47763c2e
9a5f4bb76f0526e81632d7ad1ca1e18966e18b8efc31198ca42bc88a457fcd2f
9ce1a79bf89dbb4d58406e0414e3f5945617db40d9f2fb89192901ef49bdd0ed
a570dc2b280ef63fd8918f940448c17e708845c98ed833f1f49683606c8d52e1
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abe6c341a1a7d3678e52ea41abbd3c1dd739819dcc686ec6f568009ae2f67dbf
b26e9d1dd9dffd00871f9994bf1248edb1fe4faafc99196c91fb5176000593e8
da728de2b0de0066a11b124751371e49368877f3f7a3b50f835c583a19a8f10b
db95069a7558da67f33f2feafb5f6ba5a7037131975cdd8f41d27423bbfee6d0
df5fbc48e6b25fda0e3bdeb9a1f2f582130aa5d5ecdff4c8478d6a3efbc7097e
e1df1ea5eb3649c271f9251dd0f522f71583f47396dbf6495bb6507ed06c84ed
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e99c4dacefb8663ee3eff52ae28f9e592503929dab73042fe57ea77e72327b2a
ea4d2d0a14273348c41b259e556e98eb9e4e484876f09405a8d998ef8f293c7e
f44038948c5a104bcf9f5938dea359cda2ba0f1912ee2893864245a2e1cb5802
f6739feea9269ef75fa5c600987ea7dab06544d656faa3e5af899d1f1ad6ff62
fbec4cbad5cb5cb5b5a048ae42a6c690f5d933ec05b8b2d35f8a1376d3e03acf
fc86eb7ed61cc6b9cba39e5d23c7b16f0dfedc42bd865b9f38a93dae8bfd2a9e

winpalace88.fyi.balakplayy.com Open in urlscan Pro 162.240.144.230 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

49 Requests

100 %HTTPS

44 %IPv6

8 Domains

8 Subdomains

10 IPs

2 Countries

1706 kBTransfer

2375 kBSize

2 Cookies

10 Outgoing links

Redirected requests

49 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

winpalace88.fyi.balakplayy.com Open in urlscan Pro
162.240.144.230 Public Scan

Screenshot
Live screenshot

Full Image

49
Requests

100 %
HTTPS

44 %
IPv6

8
Domains

8
Subdomains

10
IPs

2
Countries

1706 kB
Transfer

2375 kB
Size

2
Cookies

49 HTTP transactions
6 data transactions