store.playwing.com Open in urlscan Pro
52.29.203.44  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

1. https://dolpusads.aftrad-visit.com/track/direct?offer_id=7361&publisher_id=13&network_id=1&click_id={REPLACE}&source={REPLACE}&sub_source={REPLACE}&placement= Page URL
2. http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv Page URL
3. http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Page URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	direct dolpusads.aftrad-visit.com/track/	189 B 577 B	92ms 53ms	Document text/html	172.67.71.68 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://dolpusads.aftrad-visit.com/track/direct?offer_id=7361&publisher_id=13&network_id=1&click_id={REPLACE}&source={REPLACE}&sub_source={REPLACE}&placement= Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.67.71.68 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cf-cache-status DYNAMIC cf-ray 84e913687f862c6d-FRA content-encoding br content-type text/html; charset=utf-8 date Thu, 01 Feb 2024 09:12:59 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fu8f6KWbyS%2F7bjPtL0ZbVzi8htrqkYYc3U1nu0LRUoZpx0r873sltPQGESURkcJ0rmFyQTzeNgJAeRNEHisXzLzSc8XRLuvAzdxtrkP0ccOB5pfEoR4zQ%2FL4nKOxhNow1wTMSqsksHASFXgk"}],"group":"cf-nel","max_age":604800} server cloudflare
GET H/1.1	200 OK	lp store.playwing.com/	1 KB 976 B	123ms 92ms	Document text/html	52.29.203.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv Requested by Host: dolpusads.aftrad-visit.com URL: https://dolpusads.aftrad-visit.com/track/direct?offer_id=7361&publisher_id=13&network_id=1&click_id={REPLACE}&source={REPLACE}&sub_source={REPLACE}&placement= Protocol HTTP/1.1 Server 52.29.203.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-203-44.eu-central-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=0, must-revalidate, private Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 01 Feb 2024 09:12:59 GMT Expires Thu, 01 Feb 2024 09:12:59 GMT Server nginx/1.18.0 Transfer-Encoding chunked
GET H/1.1	200 OK	Primary Request lp Show response store.playwing.com/	10 KB 4 KB	149ms 148ms	Document text/html	52.29.203.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv Protocol HTTP/1.1 Server 52.29.203.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-203-44.eu-central-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash 5cf7f45c6a2d270651e23a5971de10f67894d71148d7b006d83848f811ed05a4 Request headers Referer http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Cache-Control max-age=0, must-revalidate, private Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Thu, 01 Feb 2024 09:12:59 GMT Expires Thu, 01 Feb 2024 09:12:59 GMT Server nginx/1.18.0 Transfer-Encoding chunked
GET H/1.1	200 OK	violet-styles.css store.playwing.com/bundles/app/css/Playitall/	45 KB 10 KB	8ms 7ms	Stylesheet text/css	52.29.203.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://store.playwing.com/bundles/app/css/Playitall/violet-styles.css?vdefault Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol HTTP/1.1 Server 52.29.203.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-203-44.eu-central-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash 2b230d07b7fcb0131af5bb7b4a9dd2218b92adb40f496c9afa78582bd368f694 Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Thu, 01 Feb 2024 09:12:59 GMT Content-Encoding gzip Last-Modified Fri, 26 Jan 2024 10:48:50 GMT Server nginx/1.18.0 ETag W/"65b38e12-b319" Transfer-Encoding chunked Content-Type text/css Cache-Control public, max-age=31536000 Connection keep-alive
GET H/1.1	200 OK	violet-landing.css store.playwing.com/bundles/app/css/Playitall/	5 KB 2 KB	12ms 6ms	Stylesheet text/css	52.29.203.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://store.playwing.com/bundles/app/css/Playitall/violet-landing.css?vdefault Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol HTTP/1.1 Server 52.29.203.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-203-44.eu-central-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash dfdebb63d2f457dd4c8bc718ad8e1219b5213129bbaa8b8e332a21ccebf15fdf Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Thu, 01 Feb 2024 09:12:59 GMT Content-Encoding gzip Last-Modified Fri, 26 Jan 2024 10:48:52 GMT Server nginx/1.18.0 ETag W/"65b38e14-13d9" Transfer-Encoding chunked Content-Type text/css Cache-Control public, max-age=31536000 Connection keep-alive
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/	94 KB 30 KB	35ms 17ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/1.11.1/jquery.min.js Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 09:12:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 620241 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 29910 last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1762a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XDgHuVrAr0e6orUO1LR1r8DyYmdKzwJ0%2BkpRDU66PSoqKFvBV8wVv7L%2FbRCq%2FTQlyhKaDesGaR%2B2fC%2FJdGN7CnjVT19JV9i%2B0%2B91wdI1AL9urup4KVQyrCOIcwgRcPcHH%2F1ZxRnNz3kRsa9cvWwyTSJy"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84e9136adbdf1c2c-FRA expires Tue, 21 Jan 2025 09:12:59 GMT
GET H2	200	jquery.fancybox.min.js Show response cdnjs.cloudflare.com/ajax/libs/fancybox/3.2.1/	56 KB 17 KB	33ms 16ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.2.1/jquery.fancybox.min.js Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7570ece64256e3a0e1026865439a989b08ababe01f8819de552f4ec25722910f Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 09:12:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 626121 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 16534 last-modified Mon, 04 May 2020 16:10:00 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e58-dff3" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfWwpuyxMsmcZ53phkAoFlR493EN3EsZT6zodzynbmI81kd0%2FFW2ecF6JvpYTzLDRCf4qQy5psKHBgLUMR0b0OKXoX8dNCF6y4p7U5QyobZL8hWWfH7vkD3R22JD2jn%2FPUyC%2FlrW%2FQKRq%2BLBIAVv2RSh"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84e9136adbda1c2c-FRA expires Tue, 21 Jan 2025 09:12:59 GMT
GET H2	200	jquery.magnific-popup.min.js Show response cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/	20 KB 7 KB	37ms 19ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/jquery.magnific-popup.min.js Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 09:12:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2792464 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 6546 last-modified Mon, 04 May 2020 16:12:04 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ed4-4ef8" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FM8MSI87HwQEmSj5SedkcB7qF5yr2r0aVrTWJ8yP1leAN2omfI0UJMR2f0IthD6pZb315X2198yIgIQZGT9vRUFy1qfIVHVHIC12yjE5TnnxKQGGXg2RjZGQl4gtDhiE1Wv0OiXbfbeJ8tGAVDrLkda0"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84e9136adbdd1c2c-FRA expires Tue, 21 Jan 2025 09:12:59 GMT
GET H/1.1	200 OK	main.js Show response store.playwing.com/bundles/app/js/	3 KB 2 KB	14ms 8ms	Script application/javascript	52.29.203.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://store.playwing.com/bundles/app/js/main.js?vdefault Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol HTTP/1.1 Server 52.29.203.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-203-44.eu-central-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash ccfb0fccc8c6923d8967ce4bfe0787070f6b8fc1a97f58ade786ce1602583c7f Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Thu, 01 Feb 2024 09:12:59 GMT Content-Encoding gzip Last-Modified Fri, 26 Jan 2024 10:51:54 GMT Server nginx/1.18.0 ETag W/"65b38eca-b0c" Transfer-Encoding chunked Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive
GET H/1.1	200 OK	botFilterToken.js Show response store.playwing.com/bundles/botcontrol/js/	1 KB 731 B	12ms 7ms	Script application/javascript	52.29.203.44 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://store.playwing.com/bundles/botcontrol/js/botFilterToken.js?vdefault Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol HTTP/1.1 Server 52.29.203.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-203-44.eu-central-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash 63642ec07d6d3ceb25c2eea56ae0b9fdf3376e0221674e5e82f013e92e2ee174 Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Thu, 01 Feb 2024 09:12:59 GMT Content-Encoding gzip Last-Modified Fri, 26 Jan 2024 10:48:36 GMT Server nginx/1.18.0 ETag W/"65b38e04-42f" Transfer-Encoding chunked Content-Type application/javascript Cache-Control public, max-age=31536000 Connection keep-alive
GET H2	200	bootstrap.min.css cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/	118 KB 16 KB	31ms 20ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 09:12:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 1706402 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 16149 last-modified Mon, 04 May 2020 16:17:20 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb04010-1d970" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fB5n1VBbA4cjGaq%2Bzjm7BWJebSd1N2SXoUpzKcxWycYt6tlTIm%2B2RxHYFYaEi1IxH86Nr5PzfrCHa0%2Foegxx9NHTOAbNWKnUp3D8lv0RjDZ3xQdDXlhUULYnxQ5WITMggn5dH4OCHth5baWe8OdcCpD%2F"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84e9136adbe71c2c-FRA expires Tue, 21 Jan 2025 09:12:59 GMT
GET H2	200	swiper.min.css cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.0/css/	17 KB 3 KB	35ms 24ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/Swiper/3.4.0/css/swiper.min.css Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aa6093ae92ef933fc67b115b3f5e22f69f2fca61db60e1101197e5bc429a5c75 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 09:12:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 5371078 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2437 last-modified Mon, 04 May 2020 16:04:02 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03cf2-4561" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2eoDB9hOV1s8SlVECC7y3TPlC0lrpx6aTbBfA%2F9MSZaAm%2FfPGyf8bG81YK5OhzQZ8nXTt0iV3c0ygx%2B%2FCTN84hRRFWtES3eSuCwuti2DRDtF%2FsvX%2FGChpVuLm0cfGgUqZHETVw3XSELsAwhpTa3SR9l"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84e9136adbe01c2c-FRA expires Tue, 21 Jan 2025 09:12:59 GMT
GET H2	200	slick.min.css cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/	1 KB 726 B	36ms 25ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 09:12:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 4944073 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 382 last-modified Mon, 04 May 2020 16:16:21 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fd5-50a" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v2q%2BWOlr%2FFvemihbhHs4O6xQuLf5ibBa%2B2eVH6YsqUBKGzy7kFvyZT1Px%2FLWLp7eZ1ArpDzO7klrkoI2e1ks52Pr%2FKAGutrv4373O8FL5KhLZwAAToGQz4b1cs6mJxezIrP9TDrHCOpe9O%2F%2FRlMDT1ww"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84e9136adbe31c2c-FRA expires Tue, 21 Jan 2025 09:12:59 GMT
GET H2	200	magnific-popup.min.css cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/	5 KB 2 KB	20ms 19ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/magnific-popup.js/1.1.0/magnific-popup.min.css Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 09:12:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 7191337 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 1283 last-modified Mon, 04 May 2020 16:12:04 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ed4-148b" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jeNxKElKc5Pe%2FrUGpwpyKedLQn%2BujLwc91GUJL3ALYI%2FLUFe6Sl6OO3bBEYkA6sLh%2F47vjsQMiyeOPGmAoFMrBGxwFdVnpy3DbmFoGD8dwk6a0067Td99d9Y6Oi0BolaDiMRRc96g5jo%2B5jYm5rpn7P"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84e9136adbf51c2c-FRA expires Tue, 21 Jan 2025 09:12:59 GMT
GET H2	200	jquery.fancybox.min.css cdnjs.cloudflare.com/ajax/libs/fancybox/3.2.1/	12 KB 3 KB	21ms 20ms	Stylesheet text/css	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/fancybox/3.2.1/jquery.fancybox.min.css Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7933703de168c3e0d14b011ca732a5d03eefdb4ec7817317f47c40173dabc66c Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Thu, 01 Feb 2024 09:12:59 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 137969 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 2509 last-modified Mon, 04 May 2020 16:10:00 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03e58-3107" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6shkP2dX0vBW5HLN0o939beGE6y1NEZnRZMu69KvI6cxcBPQHy%2BXqrxNofShDNz8iwg6QsvFduyxP6AWRJuRiWsHGuItjR1ZWexS%2Fj7R5LW9BFbIRUXk3L0GH9evExSRE5Z7iPA70xsbKaBYoxCqIvij"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 84e9136adbf71c2c-FRA expires Tue, 21 Jan 2025 09:12:59 GMT
GET H/1.1	200 OK	new-playitall-bg.png store.playwing.com/bundles/app/images/Playitall/	246 KB 247 KB	7ms 7ms	Image image/png	52.29.203.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://store.playwing.com/bundles/app/images/Playitall/new-playitall-bg.png Requested by Host: store.playwing.com URL: http://store.playwing.com/bundles/app/css/Playitall/violet-landing.css?vdefault Protocol HTTP/1.1 Server 52.29.203.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-203-44.eu-central-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash 966613a7ebecba60d31359b735fd9b98e44bbcfa15adb2f5e6c42fc2e5a3d1b1 Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/bundles/app/css/Playitall/violet-landing.css?vdefault User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Thu, 01 Feb 2024 09:12:59 GMT Last-Modified Fri, 26 Jan 2024 10:48:36 GMT Server nginx/1.18.0 ETag "65b38e04-3d8e6" Content-Type image/png Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 252134
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v14/	23 KB 23 KB	30ms 7ms	Font font/woff2	2a00:1450:4001:80f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v14/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: store.playwing.com URL: http://store.playwing.com/bundles/app/css/Playitall/violet-styles.css?vdefault Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer http://store.playwing.com/ Origin http://store.playwing.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 30 Jan 2024 18:50:46 GMT x-content-type-options nosniff age 138133 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23316 x-xss-protection 0 last-modified Wed, 11 Oct 2017 18:23:15 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 29 Jan 2025 18:50:46 GMT
GET H/1.1	200 OK	1c87f3a19785465769cc1caa5f676f4a48f56de4.jpeg d34tfbat910nhi.cloudfront.net/uploads/images/campaign_banner/	29 KB 30 KB	59ms 25ms	Image image/jpeg	2600:9000:26db:2400:11:e50a:f980:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://d34tfbat910nhi.cloudfront.net/uploads/images/campaign_banner/1c87f3a19785465769cc1caa5f676f4a48f56de4.jpeg Requested by Host: store.playwing.com URL: http://store.playwing.com/lp?cid=65ba6841a6c68&clickid=201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA&pubid=1B4DbNJdv&iframe=false Protocol HTTP/1.1 Server 2600:9000:26db:2400:11:e50a:f980:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash e3f8e20c850877b9bf287679e896ac22c6c6b7bea8630cd9e87c79cd62adb9bb Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Fri, 26 Jan 2024 15:44:23 GMT x-amz-version-id _nTradi3amg0hFoge0clzEe6J0TRatIq Via 1.1 fd4a06b35c482e680f7f3fd9baaa0090.cloudfront.net (CloudFront) X-Amz-Cf-Pop MUC50-P3 Age 494917 x-amz-server-side-encryption AES256 X-Cache Hit from cloudfront Connection keep-alive Content-Length 29616 Last-Modified Thu, 11 Jan 2024 09:48:44 GMT Server AmazonS3 ETag "ecbc854e0f25809d318b48c8743d8675" Vary Origin Content-Type image/jpeg Cache-Control public, max-age=31536000 Accept-Ranges bytes X-Amz-Cf-Id 6xzTcZhi4vTt2kCQyFDewqtflQZtxQiqujKFyVPzX_5IhnqaANHUGQ==
GET H/1.1	200 OK	marker.png store.playwing.com/bundles/app/images/Playitall/	580 B 859 B	6ms 6ms	Image image/png	52.29.203.44 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL http://store.playwing.com/bundles/app/images/Playitall/marker.png Requested by Host: store.playwing.com URL: http://store.playwing.com/bundles/app/css/Playitall/violet-landing.css?vdefault Protocol HTTP/1.1 Server 52.29.203.44 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-29-203-44.eu-central-1.compute.amazonaws.com Software nginx/1.18.0 / Resource Hash c3143b29744c8bdc267601b33917da7115a39d470e562131fbf9a9ec19811eee Request headers accept-language de-DE,de;q=0.9 Referer http://store.playwing.com/bundles/app/css/Playitall/violet-landing.css?vdefault User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Thu, 01 Feb 2024 09:12:59 GMT Last-Modified Fri, 26 Jan 2024 10:48:36 GMT Server nginx/1.18.0 ETag "65b38e04-244" Content-Type image/png Cache-Control public, max-age=31536000 Connection keep-alive Accept-Ranges bytes Content-Length 580

10 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery object| $jscomp string| theLanguage function| showModalWait function| showModalAlert function| showDisclaimer function| getBotFilterToken function| validateBotFilterToken object| jQuery111103848815136455337

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			store.playwing.com/	1970-01-20 18:06:33	Name: PHPSESSID Value: 8dmr1q390snbg4rmijjur1u7cq
			store.playwing.com/	1970-01-20 18:06:20	Name: _pk_ses.1.4279 Value: %2A
			store.playwing.com/	1970-01-21 03:32:13	Name: _pk_id.1.4279 Value: d44551476642e78d.1706778779.1.1706778779..
			store.playwing.com/	1970-01-20 18:06:20	Name: _pk_cvar.1.4279 Value: %7B%222%22%3A%5B%22connection%22%2C%22Cellular%20%28M247%20Europe%7CM247%20Europe%7CM247%20Europe%20SRL%29%22%5D%2C%226%22%3A%5B%22operator%22%2C163%5D%2C%227%22%3A%5B%22affiliate%22%2C%22%7B%5C%22cid%5C%22%3A%5C%2265ba6841a6c68%5C%22%2C%5C%22clickid%5C%22%3A%5C%22201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA%5C%22%2C%5C%22pubid%5C%22%3A%5C%221B4DbNJdv%5C%22%2C%5C%22iframe%5C%22%3A%5C%22false%5C%22%2C%5C%22app_source%5C%22%3Anull%2C%5C%22site_source%5C%22%3A%5C%22http%3A%5C%5C%5C%2F%5C%5C%5C%2Fstore.playwing.com%5C%5C%5C%2Flp%3Fcid%3D65ba6841a6c68%26clickid%3D201AzadWo9FpXRXXf5LeMSMmtMeZhryfcBffB9wFxvZTa1U198RTMLsEQb9P4MwUZTpcfA%26pubid%3D1B4DbNJdv%5C%22%2C%5C%22affiliate_id%5C%22%3A419%2C%5C%22affiliateId%5C%22%3A419%2C%5C%22publisher_id%5C%22%3A%5C%221B4DbNJdv%5C%22%2C%5C%22subpublisher_id%5C%22%3Anull%2C%5C%22is_test_affiliate%5C%22%3Afalse%2C%5C%22is_sub_from_landing%5C%22%3Atrue%7D%22%5D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
d34tfbat910nhi.cloudfront.net
dolpusads.aftrad-visit.com
fonts.gstatic.com
store.playwing.com
172.67.71.68
2600:9000:26db:2400:11:e50a:f980:93a1
2606:4700::6811:180e
2a00:1450:4001:80f::2003
52.29.203.44
1670565574aab8aa0a287a4cd8f49cf0d8b0959ebe344f90ca8af696ede9c23b
2b230d07b7fcb0131af5bb7b4a9dd2218b92adb40f496c9afa78582bd368f694
3d92e113ac3031b838001ddddf965d045f470ff748ff2e116b30378910eeaecb
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5cf7f45c6a2d270651e23a5971de10f67894d71148d7b006d83848f811ed05a4
63642ec07d6d3ceb25c2eea56ae0b9fdf3376e0221674e5e82f013e92e2ee174
7570ece64256e3a0e1026865439a989b08ababe01f8819de552f4ec25722910f
7933703de168c3e0d14b011ca732a5d03eefdb4ec7817317f47c40173dabc66c
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
966613a7ebecba60d31359b735fd9b98e44bbcfa15adb2f5e6c42fc2e5a3d1b1
aa6093ae92ef933fc67b115b3f5e22f69f2fca61db60e1101197e5bc429a5c75
c3143b29744c8bdc267601b33917da7115a39d470e562131fbf9a9ec19811eee
ccfb0fccc8c6923d8967ce4bfe0787070f6b8fc1a97f58ade786ce1602583c7f
dfdebb63d2f457dd4c8bc718ad8e1219b5213129bbaa8b8e332a21ccebf15fdf
e3f8e20c850877b9bf287679e896ac22c6c6b7bea8630cd9e87c79cd62adb9bb
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c