urlscan.io logo urlscan.io
SecurityTrails logo

play.nexttowin.net Open in urlscan Pro
3.160.212.34  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://play.nexttowin.net/
Effective URL: https://play.nexttowin.net/login
Submission: On December 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 4 domains to perform 48 HTTP transactions. The main IP is 3.160.212.34, located in United States and belongs to AMAZON-02, US. The main domain is play.nexttowin.net.
TLS certificate: Issued by Amazon RSA 2048 M02 on July 16th 2023. Valid for: a year.
This is the only time play.nexttowin.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 17 3.160.212.34 16509 (AMAZON-02)
10 52.221.109.148 16509 (AMAZON-02)
8 54.254.19.198 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
11 2a00:1450:400... 15169 (GOOGLE)
1 52.219.132.147 16509 (AMAZON-02)
48 6
17    3.160.212.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-212-34.mxp53.r.cloudfront.net
play.nexttowin.net
10    52.221.109.148 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-221-109-148.ap-southeast-1.compute.amazonaws.com
api.nexttowin.net
8    54.254.19.198 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-254-19-198.ap-southeast-1.compute.amazonaws.com
auth.nexttowin.net
2    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
11    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    52.219.132.147 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-r-w.amazonaws.com
nexttowin-data.s3.ap-southeast-1.amazonaws.com
Domain Requested by
17 play.nexttowin.net 1 redirects play.nexttowin.net
11 fonts.gstatic.com fonts.googleapis.com
10 api.nexttowin.net play.nexttowin.net
8 auth.nexttowin.net play.nexttowin.net
2 fonts.googleapis.com play.nexttowin.net
1 nexttowin-data.s3.ap-southeast-1.amazonaws.com play.nexttowin.net
48 6

This site contains links to these domains. Also see Links.

Domain
lin.ee
Subject Issuer Validity Valid
play.nexttowin.net
Amazon RSA 2048 M02		 2023-07-16 -
2024-08-14		 a year crt.sh
api.nexttowin.net
Amazon RSA 2048 M01		 2023-07-16 -
2024-08-14		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-11-20 -
2024-02-12		 3 months crt.sh
*.s3-ap-southeast-1.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-25		 a year crt.sh

This page contains 1 frames:

Primary Page: https://play.nexttowin.net/login
Frame ID: D28D12C221E3BA3AC040AFA33D04E54D
Requests: 39 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

ยินดีต้อนรับเข้าสู่ lsm789th - เส้นทางแห่งความรวย ยินดีต้อนรับค่ะ หากคุณพร้อมแล้วลุยได้เลย ติดต่อฝ่ายบริการลูกค้าแอดไลน์ @lsm789.th (มี @ ด้านหน้า)

Page URL History Show full URLs

  1. http://play.nexttowin.net/ HTTP 301
    https://play.nexttowin.net/ Page URL
  2. https://play.nexttowin.net/login Page URL

Page Statistics

48
Requests

100 %
HTTPS

33 %
IPv6

4
Domains

6
Subdomains

6
IPs

3
Countries

9886 kB
Transfer

13061 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://play.nexttowin.net/ HTTP 301
    https://play.nexttowin.net/ Page URL
  2. https://play.nexttowin.net/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://play.nexttowin.net/ HTTP 301
  • https://play.nexttowin.net/

48 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
play.nexttowin.net/
Redirect Chain
  • http://play.nexttowin.net/
  • https://play.nexttowin.net/
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f24965bb1cabd767060f13a67a14f2f986f4001228a98f6199b2bb625aaf06e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63216
content-encoding
gzip
content-type
text/html
date
Thu, 07 Dec 2023 03:23:09 GMT
etag
W/"f4327b434a1b36cab7648a45b9005807"
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
x-amz-cf-id
fRYm8JYf_Kf6vuObMVb2Ev7mWg1tE3toTsi9woRnh9M5007K6tHG9Q==
x-amz-cf-pop
MXP53-P3
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Thu, 07 Dec 2023 20:56:44 GMT
Location
https://play.nexttowin.net/
Server
CloudFront
Via
1.1 d228f99969ceea21b1f33dfdfc1ce406.cloudfront.net (CloudFront)
X-Amz-Cf-Id
S1uaLdFpzgT0t05TxRFsSxIbCxptuD97EXDOsVUPP-Mtsr8pAtE7RQ==
X-Amz-Cf-Pop
MXP53-P3
X-Cache
Redirect from cloudfront
runtime.968a88d30562813e.js
play.nexttowin.net/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/runtime.968a88d30562813e.js
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2736444f895f18855a4b85918f70cce61681a55949b4dbc3519d84952c38c26

Request headers

Referer
https://play.nexttowin.net/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 04:40:00 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
58605
x-amz-server-side-encryption
AES256
etag
W/"5be0a4aed398cead9ae927adbaec646f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
RTGljYwSw7HrkrMiwY82JoE4SJj2RjiZ1_bZI92cxIP_tJnY9ZfOng==
polyfills.bdbf5c3726e579f9.js
play.nexttowin.net/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/polyfills.bdbf5c3726e579f9.js
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1a7192b40e6e21c5b1e96ea6cb1d78280e7be08cca33f55f4d7035df3cf4db3

Request headers

Referer
https://play.nexttowin.net/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 06:33:07 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
51818
etag
W/"20dfee2bd89a0d5aa102de28fda2ca87"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
ygwur1mQsKZK0NgynOrKPsFoCP4M4G9Ul_6gaWOIdfZyaFW7QtyF4A==
scripts.515d8b70f8ff02ce.js
play.nexttowin.net/ 		584 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/scripts.515d8b70f8ff02ce.js
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3923c89ee14567f44ce3529567c4aadc0704c24ef022187bf4a554f51cf5e255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.nexttowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 06:33:07 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
51818
etag
W/"6d1ab38ed8b77b3ff3904057f3a7fe55"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
cbJOa52vgTz5lZz3MFYIUFBDpelDgomv-9egs07nMFMgQ_oLDn-zvw==
main.02d4c3b29bda3a0a.js
play.nexttowin.net/ 		1 MB
357 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/main.02d4c3b29bda3a0a.js
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fc6e5ca5ae0a468be24a772d797038128b19969b87cf8694df1771d2a4d325

Request headers

Referer
https://play.nexttowin.net/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 07:44:42 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
47523
x-amz-server-side-encryption
AES256
etag
W/"1883e578dfde29118c6e1492e2d1199e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
qN3rd9OiPNccsie_YNVb1MUnfZMH1aZ8DkJY7xMeaKFBesD2lbjviA==
styles.6a8d94460899103c.css
play.nexttowin.net/ 		33 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/styles.6a8d94460899103c.css
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58ed290e05d4e69735fa4bcd3d4ddb2c49c9de12a31bccb58ac30736f8172b30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.nexttowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 03:20:29 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
63376
etag
W/"ab9b0c8abb1fe6296876f0ae08c2bc88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
FWr_a_oR3nVX6G_ASRgYcBGG-qEtcHFBhjbHQros_Q3L6KDNWP6nxg==
GetWebinfo
api.nexttowin.net/api/Dictionaries/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.nexttowin.net/api/Dictionaries/GetWebinfo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.109.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-109-148.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://play.nexttowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET
access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:45 GMT
server
Kestrel
MarketingChannels
api.nexttowin.net/api/Dictionaries/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.nexttowin.net/api/Dictionaries/MarketingChannels?lang=th
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.109.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-109-148.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://play.nexttowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET
access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:45 GMT
server
Kestrel
security
auth.nexttowin.net/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.nexttowin.net/api/security
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.19.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-19-198.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://play.nexttowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET
access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:45 GMT
server
Kestrel
GetAppInfo
api.nexttowin.net/api/onboarding/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.nexttowin.net/api/onboarding/GetAppInfo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.109.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-109-148.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://play.nexttowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET
access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:45 GMT
server
Kestrel
GetClientStatus
auth.nexttowin.net/system/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.nexttowin.net/system/GetClientStatus?clientId=lsm-frontend
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.19.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-19-198.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://play.nexttowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET
access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:45 GMT
server
Kestrel
GetWebinfo
api.nexttowin.net/api/Dictionaries/ 		196 KB
196 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.nexttowin.net/api/Dictionaries/GetWebinfo
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/polyfills.bdbf5c3726e579f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.109.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-109-148.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.nexttowin.net/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:45 GMT
cache-control
public,max-age=60
server
Kestrel
content-type
application/json; charset=utf-8
MarketingChannels
api.nexttowin.net/api/Dictionaries/ 		600 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.nexttowin.net/api/Dictionaries/MarketingChannels?lang=th
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/polyfills.bdbf5c3726e579f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.109.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-109-148.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
7153765de14b3457d7f05a5cfde0a2176962547e09ff287d38c9be50e2a4e65a

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.nexttowin.net/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:45 GMT
cache-control
public,max-age=60
server
Kestrel
content-type
application/json; charset=utf-8
security
auth.nexttowin.net/api/ 		6 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.nexttowin.net/api/security
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/polyfills.bdbf5c3726e579f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.19.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-19-198.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
5e3ef72a4b087840648050c79120ce43c307fd68eef3f35fcbc85a313365adc3

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.nexttowin.net/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:45 GMT
server
Kestrel
content-type
text/plain; charset=utf-8
GetAppInfo
api.nexttowin.net/api/onboarding/ 		6 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.nexttowin.net/api/onboarding/GetAppInfo
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/polyfills.bdbf5c3726e579f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.109.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-109-148.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
5e3ef72a4b087840648050c79120ce43c307fd68eef3f35fcbc85a313365adc3

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.nexttowin.net/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:45 GMT
server
Kestrel
content-type
text/plain; charset=utf-8
GetClientStatus
auth.nexttowin.net/system/ 		4 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.nexttowin.net/system/GetClientStatus?clientId=lsm-frontend
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/polyfills.bdbf5c3726e579f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.19.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-19-198.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.nexttowin.net/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:45 GMT
server
Kestrel
content-type
application/json; charset=utf-8
Primary Request login
play.nexttowin.net/ 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/login
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/main.02d4c3b29bda3a0a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f24965bb1cabd767060f13a67a14f2f986f4001228a98f6199b2bb625aaf06e

Request headers

Referer
https://play.nexttowin.net/login
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
63218
content-encoding
gzip
content-type
text/html
date
Thu, 07 Dec 2023 03:23:09 GMT
etag
W/"f4327b434a1b36cab7648a45b9005807"
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
x-amz-cf-id
IboiaEF4Br_-3QusDNz2hw9YrBwQzWHGnUuvLtR9NeyNFNxVNrxX4A==
x-amz-cf-pop
MXP53-P3
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
main.css
play.nexttowin.net/assets/Glass/css/ 		77 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/assets/Glass/css/main.css
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/main.02d4c3b29bda3a0a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.nexttowin.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 04:40:03 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:02:54 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
58604
x-amz-server-side-encryption
AES256
etag
W/"0a2f372bf99011fa3b01d82d6be39904"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
cXnstjtbvRTC-Kydv5qjXldiXMwDRYZNiqCDYWcUmc1oP7e9d5Rb9Q==
css2
fonts.googleapis.com/ 		4 KB
982 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/assets/Glass/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.nexttowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 20:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 20:56:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 20:56:46 GMT
bg-theme-logo.jpeg
play.nexttowin.net/assets/Glass/img/theme/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.nexttowin.net/assets/Glass/img/theme/bg-theme-logo.jpeg
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/assets/Glass/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.nexttowin.net/assets/Glass/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 03:54:27 GMT
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:02:56 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
61340
etag
"fda0a79e5e80528d6d3a1dd7c5663117"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
4248306
x-amz-cf-id
ij_123JqXQPDnPRqWpAMWMiN-SSVDvrzdbYBwiiWoHHBEPxczgroYQ==
pxiLypw5ucZF-Sg4Maj_.woff2
fonts.gstatic.com/s/mitr/v11/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiLypw5ucZF-Sg4Maj_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:55:39 GMT
x-content-type-options
nosniff
age
190867
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14172
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:51:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 15:55:39 GMT
pxiEypw5ucZF8c8bJIPecmNE.woff2
fonts.gstatic.com/s/mitr/v11/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8c8bJIPecmNE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:45:27 GMT
x-content-type-options
nosniff
age
252679
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13820
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:51:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 22:45:27 GMT
pxiEypw5ucZF8ZcaJIPecmNE.woff2
fonts.gstatic.com/s/mitr/v11/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8ZcaJIPecmNE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 19:45:18 GMT
x-content-type-options
nosniff
age
177088
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13400
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 19:45:18 GMT
pxiEypw5ucZF8ZcaJJfecg.woff2
fonts.gstatic.com/s/mitr/v11/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8ZcaJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 18:41:22 GMT
x-content-type-options
nosniff
age
267324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21064
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:55:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 18:41:22 GMT
pxiLypw5ucZF-Tw4MQ.woff2
fonts.gstatic.com/s/mitr/v11/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiLypw5ucZF-Tw4MQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 17:54:26 GMT
x-content-type-options
nosniff
age
97340
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22228
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:51:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 17:54:26 GMT
runtime.968a88d30562813e.js
play.nexttowin.net/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/runtime.968a88d30562813e.js
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f2736444f895f18855a4b85918f70cce61681a55949b4dbc3519d84952c38c26

Request headers

Referer
https://play.nexttowin.net/login
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 04:40:00 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
58607
x-amz-server-side-encryption
AES256
etag
W/"5be0a4aed398cead9ae927adbaec646f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
nxZWw9qKCw9uR8vhlcUDwtTyHdsw1mNLb6Xd_TS6XchL4njDlRufkQ==
polyfills.bdbf5c3726e579f9.js
play.nexttowin.net/ 		33 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/polyfills.bdbf5c3726e579f9.js
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a1a7192b40e6e21c5b1e96ea6cb1d78280e7be08cca33f55f4d7035df3cf4db3

Request headers

Referer
https://play.nexttowin.net/login
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 06:33:07 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
51820
etag
W/"20dfee2bd89a0d5aa102de28fda2ca87"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
okxzj02GBN0-VJiBDxm35AFjIklafUi9bLHOHjQIyqpl3jGXs7WZyg==
scripts.515d8b70f8ff02ce.js
play.nexttowin.net/ 		584 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/scripts.515d8b70f8ff02ce.js
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3923c89ee14567f44ce3529567c4aadc0704c24ef022187bf4a554f51cf5e255

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.nexttowin.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 06:33:07 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
51820
etag
W/"6d1ab38ed8b77b3ff3904057f3a7fe55"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
_Za94nMlMpuaPIvRKtw8hsq8-4M5y90uEzy_ychIuaA2Hz3xl_0SEA==
main.02d4c3b29bda3a0a.js
play.nexttowin.net/ 		1 MB
357 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/main.02d4c3b29bda3a0a.js
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b0fc6e5ca5ae0a468be24a772d797038128b19969b87cf8694df1771d2a4d325

Request headers

Referer
https://play.nexttowin.net/login
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 07:44:42 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
47525
x-amz-server-side-encryption
AES256
etag
W/"1883e578dfde29118c6e1492e2d1199e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
JyfwLOP12REl-ZSdlvKfCuPcktXqDocBepS2LCbcQQTDImDZAXo1Xw==
styles.6a8d94460899103c.css
play.nexttowin.net/ 		33 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/styles.6a8d94460899103c.css
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
58ed290e05d4e69735fa4bcd3d4ddb2c49c9de12a31bccb58ac30736f8172b30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.nexttowin.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 03:20:29 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:03:15 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
63378
etag
W/"ab9b0c8abb1fe6296876f0ae08c2bc88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
Hj5Chlv-Q2BfMw9NTN2SV-r3ZbWg-jOdhRFalJVjdglELGX2GyTTCg==
main.css
play.nexttowin.net/assets/Glass/css/ 		77 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://play.nexttowin.net/assets/Glass/css/main.css
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/main.02d4c3b29bda3a0a.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4a736e0faa7ab48d8e2ac05c38227b0bbb88a29ccae2aef0fc1c6a6705a85739

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.nexttowin.net/login
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 04:40:03 GMT
content-encoding
gzip
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:02:54 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
58604
x-amz-server-side-encryption
AES256
etag
W/"0a2f372bf99011fa3b01d82d6be39904"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
YbcTqJkhokfItEx0QghjetQyig3ihx_89Hm4ka-cwgBcvWM1DHMz-Q==
MarketingChannels
api.nexttowin.net/api/Dictionaries/ 		600 B
737 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.nexttowin.net/api/Dictionaries/MarketingChannels?lang=th
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/polyfills.bdbf5c3726e579f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.109.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-109-148.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
7153765de14b3457d7f05a5cfde0a2176962547e09ff287d38c9be50e2a4e65a

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.nexttowin.net/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:47 GMT
cache-control
public,max-age=60
server
Kestrel
content-type
application/json; charset=utf-8
security
auth.nexttowin.net/api/ 		6 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.nexttowin.net/api/security
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/polyfills.bdbf5c3726e579f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.19.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-19-198.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
5e3ef72a4b087840648050c79120ce43c307fd68eef3f35fcbc85a313365adc3

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.nexttowin.net/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:47 GMT
server
Kestrel
content-type
text/plain; charset=utf-8
GetAppInfo
api.nexttowin.net/api/onboarding/ 		6 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.nexttowin.net/api/onboarding/GetAppInfo
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/polyfills.bdbf5c3726e579f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.109.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-109-148.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
5e3ef72a4b087840648050c79120ce43c307fd68eef3f35fcbc85a313365adc3

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.nexttowin.net/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:47 GMT
server
Kestrel
content-type
text/plain; charset=utf-8
GetClientStatus
auth.nexttowin.net/system/ 		4 B
116 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://auth.nexttowin.net/system/GetClientStatus?clientId=lsm-frontend
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/polyfills.bdbf5c3726e579f9.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.19.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-19-198.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Accept
application/json, text/plain, */*
Referer
https://play.nexttowin.net/
accept-language
de-DE,de;q=0.9
Authorization
Bearer null
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:47 GMT
server
Kestrel
content-type
application/json; charset=utf-8
001320a5-d434-403d-a799-31068f1f7b2a.png
nexttowin-data.s3.ap-southeast-1.amazonaws.com/Images/WebSettings/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nexttowin-data.s3.ap-southeast-1.amazonaws.com/Images/WebSettings/001320a5-d434-403d-a799-31068f1f7b2a.png?X-Amz-Expires=86400&X-Amz-Security-Token=IQoJb3JpZ2luX2VjEEIaDmFwLXNvdXRoZWFzdC0xIkgwRgIhALqZwAIex%2Bw2a%2FR6fGnoauJrPM%2BvJYzlsq98o48ZVYkzAiEAp3nnaK6gFK2OQhGoCycaKna8ztRMifuG%2FczgTdP3hD4q9wMIq%2F%2F%2F%2F%2F%2F%2F%2F%2F%2F%2FARACGgw4NjE5Mjc2NTUzMTMiDKdWk2ilQrqqILKIByrLA%2BP15KvdR2igqBSTF3rdJMTq17hGCYQIZFiTJNDqxa97HNa5KdX6AXO0FdANh1aoVSPuiOb5r6Q24nh5%2FlDIJBhilEdrt3Go0fgYmr%2FVLNRN2iPDZxiTAbKELjAHHhaGiRFwILfgl2n75Epgs%2BF3L1kVkdIDA4quJZYLb%2FPPq3kr6He5tohMrU6JfbecX0RuKdR2BVZDnELer6Q2Bl4%2FBFLdEKUa1FmpdVP0FwTR%2Few2AKKpsEUb40By9q2T3tfnccBDv%2FaBOjFzMJlHOFO7b6fBUnps5XzhYAiZ5JDAYLQWCIqHNPWwlhJGrZr3snk34CGTkSUzpy6WQfyzrzy3e3%2FQ%2BWuBUd0W%2B9HIsBodKt4jK3rUM0ing%2BrdmgLOnHXn0NBMORGfwWUcWw6rf5dQgzRi69jS1ruauWAg6rKw2PieJoxdQ42qSluPmgVlG38loHZ1i6jQeWIHBHpa5C9N9VTUnRjB8ghEYKgoI5BIR3x%2BEpSLzEyiCRqQb475no6SwPtihNvxXmJVWg%2FkTZJ5fnTmIYJx8vQXf6MuMZzr5EfFbZ%2Bh2mNWtC%2Bzky9ioyEf0cntyJ7QdcoiE5xs5sSpuHL%2BrWw1PIE%2BZvr9BzCimcirBjqkAeGFOVA183ekvGbwralkwqjRndqRW1mELYsLiSpsqm9jsWBdclN4Fvdf1M%2BWfeyyUMBOc7HlPhbXBU0p97l6UmhyhiWDnW%2FuaeOOiHz0o9oUIzrD9tv5ulRMwyik%2FArQ3tE%2F9pguNGX6S61Enu0t9Wf4EYx%2F7S1P3FJQsbdzUQa7W7j%2B3qxFcRtB5QIx1C7tFfvHwHZ9qQfPdUUXwPcANKmbWPz2&X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=ASIA4RLXEI6IXCSTELUJ/20231207/ap-southeast-1/s3/aws4_request&X-Amz-Date=20231207T205645Z&X-Amz-SignedHeaders=host&X-Amz-Signature=a471db9dc39d39e40ed97fd433d1b90cec06de8eaa96cc2fe44fcc521e0cf633
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/login
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.132.147 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-southeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f6b4ded7fca678b57a2571a3d2506d85fe71f93de01135593fe1f743154403f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.nexttowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date
Thu, 07 Dec 2023 20:56:48 GMT
Last-Modified
Fri, 30 Jun 2023 11:32:23 GMT
Server
AmazonS3
x-amz-request-id
WXFYP6YZEM96B7H0
ETag
"89edba4d4e26717feaef20a383692368"
x-amz-server-side-encryption
AES256
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
37910
x-amz-id-2
t9dYN0cmBnwtlNyevSCJRP0W9EHnh8zBKfp2GkvA2i0NJ9/UzQ86FOp8SFBr1pdpp3OVTwhoEXk=
css2
fonts.googleapis.com/ 		4 KB
623 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/assets/Glass/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
1c60469dce6e2a9fd04ae28639f38afd77e23c62d1fdd569246166d513762ddd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.nexttowin.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Thu, 07 Dec 2023 20:56:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Thu, 07 Dec 2023 20:56:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 07 Dec 2023 20:56:46 GMT
bg-theme-logo.jpeg
play.nexttowin.net/assets/Glass/img/theme/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://play.nexttowin.net/assets/Glass/img/theme/bg-theme-logo.jpeg
Requested by
Host: play.nexttowin.net
URL: https://play.nexttowin.net/assets/Glass/css/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.212.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-212-34.mxp53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a383dd2e6abaf9ae38c47ec4ca3fbe06c453eb69981fb860dfc897a9cc33b666

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://play.nexttowin.net/assets/Glass/css/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Thu, 07 Dec 2023 03:54:27 GMT
via
1.1 049d2187ec4ec8f6312a4e2661cd4678.cloudfront.net (CloudFront)
last-modified
Thu, 30 Nov 2023 09:02:56 GMT
server
AmazonS3
x-amz-cf-pop
MXP53-P3
age
61341
etag
"fda0a79e5e80528d6d3a1dd7c5663117"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
4248306
x-amz-cf-id
YPy-OBPzDLmh2mTJT9XlPtYbLI0JD5d9AlJGWIw2A9h5RNKffwjPqQ==
pxiLypw5ucZF-Sg4Maj_.woff2
fonts.gstatic.com/s/mitr/v11/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiLypw5ucZF-Sg4Maj_.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f182e9af89b104eaeceb40e923e37c9f0fee9e2f205e4bd88c2819a18a093444
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 15:55:39 GMT
x-content-type-options
nosniff
age
190868
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14172
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:51:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 15:55:39 GMT
pxiEypw5ucZF8ZcaJIPecmNE.woff2
fonts.gstatic.com/s/mitr/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8ZcaJIPecmNE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
475dc83a1b132abdb77eb057f10e1cd5570036481149d7c3b08881b12282d8e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 19:45:18 GMT
x-content-type-options
nosniff
age
177089
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13400
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:51:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 19:45:18 GMT
pxiEypw5ucZF8c8bJIPecmNE.woff2
fonts.gstatic.com/s/mitr/v11/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8c8bJIPecmNE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
52f75b873ae5c29fe1a388a4458b22857216148d1b7f1a6c95ec39bd3b30b52c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 22:45:27 GMT
x-content-type-options
nosniff
age
252680
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13820
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:51:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 22:45:27 GMT
pxiEypw5ucZF8c8bJJfecg.woff2
fonts.gstatic.com/s/mitr/v11/ 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8c8bJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3810cc1d0aaf337a3baa402e6f4309448afd0193182a027e416f0dd923ab76de
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Tue, 05 Dec 2023 03:35:45 GMT
x-content-type-options
nosniff
age
235262
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21920
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:51:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 04 Dec 2024 03:35:45 GMT
pxiEypw5ucZF8ZcaJJfecg.woff2
fonts.gstatic.com/s/mitr/v11/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiEypw5ucZF8ZcaJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2b6a602e4afe2b4482b1fe90aa53c663c4a8ffafa09cb01d304ecc86601fb5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Mon, 04 Dec 2023 18:41:22 GMT
x-content-type-options
nosniff
age
267325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21064
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:55:27 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 03 Dec 2024 18:41:22 GMT
pxiLypw5ucZF-Tw4MQ.woff2
fonts.gstatic.com/s/mitr/v11/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mitr/v11/pxiLypw5ucZF-Tw4MQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mitr:wght@300;400;500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
329c63d1e60592a56dbb383ce4d1281d543cd7615ecaa0db98ffb5ef154ef2c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://play.nexttowin.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date
Wed, 06 Dec 2023 17:54:26 GMT
x-content-type-options
nosniff
age
97341
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22228
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 14:51:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 05 Dec 2024 17:54:26 GMT
MarketingChannels
api.nexttowin.net/api/Dictionaries/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.nexttowin.net/api/Dictionaries/MarketingChannels?lang=th
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.109.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-109-148.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://play.nexttowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET
access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:47 GMT
server
Kestrel
security
auth.nexttowin.net/api/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.nexttowin.net/api/security
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.19.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-19-198.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://play.nexttowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET
access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:47 GMT
server
Kestrel
GetAppInfo
api.nexttowin.net/api/onboarding/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.nexttowin.net/api/onboarding/GetAppInfo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.221.109.148 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-221-109-148.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://play.nexttowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET
access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:47 GMT
server
Kestrel
GetClientStatus
auth.nexttowin.net/system/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://auth.nexttowin.net/system/GetClientStatus?clientId=lsm-frontend
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.254.19.198 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-254-19-198.ap-southeast-1.compute.amazonaws.com
Software
Kestrel /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization
Access-Control-Request-Method
GET
Origin
https://play.nexttowin.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

access-control-allow-headers
authorization
access-control-allow-methods
GET
access-control-allow-origin
*
date
Thu, 07 Dec 2023 20:56:47 GMT
server
Kestrel

Verdicts & Comments Add Verdict or Comment

210 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture object| webpackChunkFrontendApp function| Zone function| __zone_symbol__Promise function| __zone_symbol__fetch function| __zone_symbol__queueMicrotask function| __zone_symbol__setTimeout function| __zone_symbol__clearTimeout function| __zone_symbol__setInterval function| __zone_symbol__clearInterval function| __zone_symbol__requestAnimationFrame function| __zone_symbol__cancelAnimationFrame function| __zone_symbol__webkitRequestAnimationFrame function| __zone_symbol__webkitCancelAnimationFrame function| __zone_symbol__alert function| __zone_symbol__prompt function| __zone_symbol__confirm function| __zone_symbol__MutationObserver function| __zone_symbol__WebKitMutationObserver function| __zone_symbol__IntersectionObserver function| __zone_symbol__FileReader boolean| __zone_symbol__ononsearchpatched boolean| __zone_symbol__ononappinstalledpatched boolean| __zone_symbol__ononbeforeinstallpromptpatched boolean| __zone_symbol__ononbeforexrselectpatched boolean| __zone_symbol__ononabortpatched boolean| __zone_symbol__ononbeforeinputpatched boolean| __zone_symbol__ononbeforetogglepatched boolean| __zone_symbol__ononblurpatched boolean| __zone_symbol__ononcancelpatched boolean| __zone_symbol__ononcanplaypatched boolean| __zone_symbol__ononcanplaythroughpatched boolean| __zone_symbol__ononchangepatched boolean| __zone_symbol__ononclickpatched boolean| __zone_symbol__ononclosepatched boolean| __zone_symbol__ononcontextlostpatched boolean| __zone_symbol__ononcontextmenupatched boolean| __zone_symbol__ononcontextrestoredpatched boolean| __zone_symbol__ononcuechangepatched boolean| __zone_symbol__onondblclickpatched boolean| __zone_symbol__onondragpatched boolean| __zone_symbol__onondragendpatched boolean| __zone_symbol__onondragenterpatched boolean| __zone_symbol__onondragleavepatched boolean| __zone_symbol__onondragoverpatched boolean| __zone_symbol__onondragstartpatched boolean| __zone_symbol__onondroppatched boolean| __zone_symbol__onondurationchangepatched boolean| __zone_symbol__ononemptiedpatched boolean| __zone_symbol__ononendedpatched boolean| __zone_symbol__ononerrorpatched boolean| __zone_symbol__ononfocuspatched boolean| __zone_symbol__ononformdatapatched boolean| __zone_symbol__ononinputpatched boolean| __zone_symbol__ononinvalidpatched boolean| __zone_symbol__ononkeydownpatched boolean| __zone_symbol__ononkeypresspatched boolean| __zone_symbol__ononkeyuppatched boolean| __zone_symbol__ononloadpatched boolean| __zone_symbol__ononloadeddatapatched boolean| __zone_symbol__ononloadedmetadatapatched boolean| __zone_symbol__ononloadstartpatched boolean| __zone_symbol__ononmousedownpatched boolean| __zone_symbol__ononmouseenterpatched boolean| __zone_symbol__ononmouseleavepatched boolean| __zone_symbol__ononmousemovepatched boolean| __zone_symbol__ononmouseoutpatched boolean| __zone_symbol__ononmouseoverpatched boolean| __zone_symbol__ononmouseuppatched boolean| __zone_symbol__ononmousewheelpatched boolean| __zone_symbol__ononpausepatched boolean| __zone_symbol__ononplaypatched boolean| __zone_symbol__ononplayingpatched boolean| __zone_symbol__ononprogresspatched boolean| __zone_symbol__ononratechangepatched boolean| __zone_symbol__ononresetpatched boolean| __zone_symbol__ononresizepatched boolean| __zone_symbol__ononscrollpatched boolean| __zone_symbol__ononsecuritypolicyviolationpatched boolean| __zone_symbol__ononseekedpatched boolean| __zone_symbol__ononseekingpatched boolean| __zone_symbol__ononselectpatched boolean| __zone_symbol__ononslotchangepatched boolean| __zone_symbol__ononstalledpatched boolean| __zone_symbol__ononsubmitpatched boolean| __zone_symbol__ononsuspendpatched boolean| __zone_symbol__onontimeupdatepatched boolean| __zone_symbol__onontogglepatched boolean| __zone_symbol__ononvolumechangepatched boolean| __zone_symbol__ononwaitingpatched boolean| __zone_symbol__ononwebkitanimationendpatched boolean| __zone_symbol__ononwebkitanimationiterationpatched boolean| __zone_symbol__ononwebkitanimationstartpatched boolean| __zone_symbol__ononwebkittransitionendpatched boolean| __zone_symbol__ononwheelpatched boolean| __zone_symbol__ononauxclickpatched boolean| __zone_symbol__onongotpointercapturepatched boolean| __zone_symbol__ononlostpointercapturepatched boolean| __zone_symbol__ononpointerdownpatched boolean| __zone_symbol__ononpointermovepatched boolean| __zone_symbol__ononpointerrawupdatepatched boolean| __zone_symbol__ononpointeruppatched boolean| __zone_symbol__ononpointercancelpatched boolean| __zone_symbol__ononpointeroverpatched boolean| __zone_symbol__ononpointeroutpatched boolean| __zone_symbol__ononpointerenterpatched boolean| __zone_symbol__ononpointerleavepatched boolean| __zone_symbol__ononselectstartpatched boolean| __zone_symbol__ononselectionchangepatched boolean| __zone_symbol__ononanimationendpatched boolean| __zone_symbol__ononanimationiterationpatched boolean| __zone_symbol__ononanimationstartpatched boolean| __zone_symbol__onontransitionrunpatched boolean| __zone_symbol__onontransitionstartpatched boolean| __zone_symbol__onontransitionendpatched boolean| __zone_symbol__onontransitioncancelpatched boolean| __zone_symbol__ononafterprintpatched boolean| __zone_symbol__ononbeforeprintpatched boolean| __zone_symbol__ononbeforeunloadpatched boolean| __zone_symbol__ononhashchangepatched boolean| __zone_symbol__ononlanguagechangepatched boolean| __zone_symbol__ononmessagepatched boolean| __zone_symbol__ononmessageerrorpatched boolean| __zone_symbol__ononofflinepatched boolean| __zone_symbol__onononlinepatched boolean| __zone_symbol__ononpagehidepatched boolean| __zone_symbol__ononpageshowpatched boolean| __zone_symbol__ononpopstatepatched boolean| __zone_symbol__ononrejectionhandledpatched boolean| __zone_symbol__ononstoragepatched boolean| __zone_symbol__ononunhandledrejectionpatched boolean| __zone_symbol__ononunloadpatched boolean| __zone_symbol__onondevicemotionpatched boolean| __zone_symbol__onondeviceorientationpatched boolean| __zone_symbol__onondeviceorientationabsolutepatched boolean| __zone_symbol__ononbeforematchpatched boolean| __zone_symbol__ononcontentvisibilityautostatechangepatched boolean| __zone_symbol__ononscrollendpatched object| __Html5QrcodeLibrary__ function| Html5QrcodeScanner function| Html5Qrcode object| Html5QrcodeSupportedFormats object| Html5QrcodeScannerState object| Html5QrcodeScanType function| Spin2WinWheel function| runScriptHomePage function| toggleMenuHamburger function| openPopup function| closePopup function| openPopupAddBank function| closePopupAddBank function| runSlideContent function| runSlideLatesPlayGame function| runSlideGames function| runSlideGamesCategory function| runSlideBank function| filterCat function| clickFilterCat function| changeContentSummaryData function| changeContentHistoryData function| introJs function| Draggable object| InertiaPlugin function| VelocityTracker object| TextPlugin function| Splide object| gsapVersions object| Linear object| Power0 object| Quad object| Power1 object| Cubic object| Power2 object| Quart object| Power3 object| Quint object| Power4 object| Strong object| Elastic object| Bounce object| Expo object| Circ object| Sine object| Back object| SteppedEase function| TweenLite function| TweenMax function| TimelineMax function| TimelineLite function| AttrPlugin function| EndArrayPlugin function| RoundPropsPlugin function| ModifiersPlugin function| SnapPlugin object| gsap object| CSSPlugin function| __zone_symbol__ON_PROPERTYload object| __zone_symbol__loadfalse object| __zone_symbol__popstatefalse object| __zone_symbol__hashchangefalse function| getAngularTestability function| getAllAngularTestabilities function| getAllAngularRootElements object| frameworkStabilizers function| __zone_symbol__addEventListener function| __zone_symbol__removeEventListener undefined| __zone_symbol__eventListeners undefined| __zone_symbol__removeAllListeners function| eventListeners function| removeAllListeners

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.nexttowin.net
auth.nexttowin.net
fonts.googleapis.com
fonts.gstatic.com
nexttowin-data.s3.ap-southeast-1.amazonaws.com
play.nexttowin.net
2a00:1450:4001:82a::2003
2a00:1450:4001:831::200a
3.160.212.34
52.219.132.147
52.221.109.148
54.254.19.198
1c60469dce6e2a9fd04ae28639f38afd77e23c62d1fdd569246166d513762ddd
329c63d1e60592a56dbb383ce4d1281d543cd7615ecaa0db98ffb5ef154ef2c8
3810cc1d0aaf337a3baa402e6f4309448afd0193182a027e416f0dd923ab76de
3923c89ee14567f44ce3529567c4aadc0704c24ef022187bf4a554f51cf5e255
475dc83a1b132abdb77eb057f10e1cd5570036481149d7c3b08881b12282d8e9
4a736e0faa7ab48d8e2ac05c38227b0bbb88a29ccae2aef0fc1c6a6705a85739
52f75b873ae5c29fe1a388a4458b22857216148d1b7f1a6c95ec39bd3b30b52c
58ed290e05d4e69735fa4bcd3d4ddb2c49c9de12a31bccb58ac30736f8172b30
5e3ef72a4b087840648050c79120ce43c307fd68eef3f35fcbc85a313365adc3
6f24965bb1cabd767060f13a67a14f2f986f4001228a98f6199b2bb625aaf06e
7153765de14b3457d7f05a5cfde0a2176962547e09ff287d38c9be50e2a4e65a
a1a7192b40e6e21c5b1e96ea6cb1d78280e7be08cca33f55f4d7035df3cf4db3
a2b6a602e4afe2b4482b1fe90aa53c663c4a8ffafa09cb01d304ecc86601fb5b
a383dd2e6abaf9ae38c47ec4ca3fbe06c453eb69981fb860dfc897a9cc33b666
b0fc6e5ca5ae0a468be24a772d797038128b19969b87cf8694df1771d2a4d325
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
f182e9af89b104eaeceb40e923e37c9f0fee9e2f205e4bd88c2819a18a093444
f2736444f895f18855a4b85918f70cce61681a55949b4dbc3519d84952c38c26
f6b4ded7fca678b57a2571a3d2506d85fe71f93de01135593fe1f743154403f3