winmoney.playtowinapps.com Open in urlscan Pro
52.20.140.8  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response winmoney.playtowinapps.com/	57 KB 57 KB	307ms 99ms	Document text/html	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash 47162d76d09b145133165aff30ba13926094ac31df2580081c991bebdfe708f2 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes content-length 57996 content-type text/html date Sun, 12 Jun 2022 13:08:45 GMT etag "62a5e47a-e28c" last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy x-envoy-upstream-service-time 1
GET H2	200	bootstrap.min.css maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/	141 KB 22 KB	43ms 22ms	Stylesheet text/css	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/css/bootstrap.min.css Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://winmoney.playtowinapps.com/ Origin https://winmoney.playtowinapps.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 756 access-control-allow-origin * cdn-cachedat 06/09/2022 14:01:47 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:04 GMT server cloudflare cdn-requestpullcode 200 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type text/css; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 20b93debb7e49e7d2ccdcf66984e7a8c cf-ray 71a2d1264f329b55-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
GET H2	200	css2 fonts.googleapis.com/	3 KB 992 B	41ms 18ms	Stylesheet text/css	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,900&display=swap Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 7e0634f7786e4ebc2dbcef706c1cdde588afe98c93f9b144ed24eff754372b8c Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers strict-transport-security max-age=31536000 content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 last-modified Sun, 12 Jun 2022 13:08:45 GMT server ESF cross-origin-opener-policy same-origin-allow-popups date Sun, 12 Jun 2022 13:08:45 GMT x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 12 Jun 2022 13:08:45 GMT
GET H2	200	style.css winmoney.playtowinapps.com/assets/css/	3 KB 3 KB	191ms 191ms	Stylesheet text/css	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://winmoney.playtowinapps.com/assets/css/style.css Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash 93b44ee0fe0587af6dfe65ca6fda775f7a79cadd3ea152d9597ef55c9a1bbec5 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy etag "62a5e47a-b79" content-type text/css x-envoy-upstream-service-time 0 accept-ranges bytes content-length 2937
GET H2	200	js Show response www.googletagmanager.com/gtag/	191 KB 69 KB	46ms 22ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-NGVZHMWGK0 Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 94ffa2104227ae45789531098f7d79011ee422579713a48096c1151ea7703562 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT content-encoding br server Google Tag Manager access-control-allow-headers Cache-Control vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin strict-transport-security max-age=31536000; includeSubDomains alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 69988 x-xss-protection 0 expires Sun, 12 Jun 2022 13:08:45 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	108 KB 42 KB	25ms 24ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-643368850 Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5fdfd78033207827698a816375991eb52408a11563b67011bde8e2770c53a152 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43297 x-xss-protection 0 last-modified Sun, 12 Jun 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 Jun 2022 13:08:45 GMT
GET H2	200	boints-logo.svg winmoney.playtowinapps.com/assets/images/	155 KB 156 KB	102ms 102ms	Image image/svg+xml	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://winmoney.playtowinapps.com/assets/images/boints-logo.svg Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash a74f29d212e077aaa11f80bef006d2b362f8ad5ad63cbf215d5b2ceb75e44d63 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy etag "62a5e47a-26d5b" content-type image/svg+xml x-envoy-upstream-service-time 1 accept-ranges bytes content-length 159067
GET H2	200	logo-mobile.svg winmoney.playtowinapps.com/assets/images/	173 KB 173 KB	226ms 224ms	Image image/svg+xml	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://winmoney.playtowinapps.com/assets/images/logo-mobile.svg Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash d8222a5dada2ebde4cd9d234246a16a835440df3af28b06db1e2dd7923b0994d Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy etag "62a5e47a-2b446" content-type image/svg+xml x-envoy-upstream-service-time 67 accept-ranges bytes content-length 177222
GET H2	200	google-play.svg winmoney.playtowinapps.com/assets/images/	7 KB 7 KB	179ms 177ms	Image image/svg+xml	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://winmoney.playtowinapps.com/assets/images/google-play.svg Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash f2927e5581ca45a00a076d0814f19f0e504e8d9993fa84321492ba144f776ccf Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy etag "62a5e47a-1bda" content-type image/svg+xml x-envoy-upstream-service-time 66 accept-ranges bytes content-length 7130
GET H2	200	phone1.png winmoney.playtowinapps.com/assets/images/	48 KB 49 KB	180ms 178ms	Image image/png	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://winmoney.playtowinapps.com/assets/images/phone1.png Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash 47ee160875a67c7eb50b94b68fd4b58779bdd51a36f5b6b752855697e1b5c9f9 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy etag "62a5e47a-c1f6" content-type image/png x-envoy-upstream-service-time 66 accept-ranges bytes content-length 49654
GET H2	200	phone2.png winmoney.playtowinapps.com/assets/images/	33 KB 33 KB	274ms 273ms	Image image/png	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://winmoney.playtowinapps.com/assets/images/phone2.png Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash c384c45cbdd136303bd9d90c2598664a34f3e5174dac3a74e6118e736924262f Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy etag "62a5e47a-8439" content-type image/png x-envoy-upstream-service-time 67 accept-ranges bytes content-length 33849
GET H2	200	phone3.png winmoney.playtowinapps.com/assets/images/	28 KB 28 KB	178ms 177ms	Image image/png	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://winmoney.playtowinapps.com/assets/images/phone3.png Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash 1196dd03b29bc91259831d821f2325a67d90730fb8e59aa12e810a2fd73f685f Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy etag "62a5e47a-70d2" content-type image/png x-envoy-upstream-service-time 2 accept-ranges bytes content-length 28882
GET H2	200	coin1.svg winmoney.playtowinapps.com/assets/images/	10 KB 10 KB	275ms 274ms	Image image/svg+xml	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://winmoney.playtowinapps.com/assets/images/coin1.svg Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash 5ab62c018d990e0cf16909eea8bfd865c6738726d5255d42a7be531cb0c26712 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy etag "62a5e47a-264a" content-type image/svg+xml x-envoy-upstream-service-time 68 accept-ranges bytes content-length 9802
GET H2	200	coin2.svg winmoney.playtowinapps.com/assets/images/	13 KB 13 KB	176ms 176ms	Image image/svg+xml	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://winmoney.playtowinapps.com/assets/images/coin2.svg Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash e0dbc5b313b3be66b597669677906337218b07f90118741f65ff54b19ff26cc5 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy etag "62a5e47a-3225" content-type image/svg+xml x-envoy-upstream-service-time 1 accept-ranges bytes content-length 12837
GET H2	200	coin3.svg winmoney.playtowinapps.com/assets/images/	10 KB 10 KB	275ms 274ms	Image image/svg+xml	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://winmoney.playtowinapps.com/assets/images/coin3.svg Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash 12f4c30a29ed66e7d0cfd3e8c752a2ca98fed2e254264269961d1c6d160027c5 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy etag "62a5e47a-2654" content-type image/svg+xml x-envoy-upstream-service-time 68 accept-ranges bytes content-length 9812
GET H2	200	jquery.min.js Show response cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/	84 KB 27 KB	64ms 23ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 1621579 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 27198 timing-allow-origin * last-modified Mon, 04 May 2020 16:11:48 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03ec4-1514f" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D3rQ2XtOFbwkUoDFRkr5Nquyotd31NSOgy0L7zB9k%2FKVV3YgDcZJK55CDOCG%2BRP%2FIkccJMKX0l9OgOK6GWk90vZQg0%2BRr6yBNOqnsFGTvMRvx6D0U4yUbKSNgiZxjU%2BXANQUaJf%2BX%2BK%2FDZsFM9O45OAB"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 71a2d127aff30215-ZRH expires Fri, 02 Jun 2023 13:08:45 GMT
GET H2	200	popper.min.js Show response cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/	19 KB 7 KB	77ms 37ms	Script application/javascript	2606:4700::6811:180e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/popper.min.js Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66 Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers Referer https://winmoney.playtowinapps.com/ Origin https://winmoney.playtowinapps.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} age 220282 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 content-length 6157 timing-allow-origin * last-modified Mon, 04 May 2020 16:15:37 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03fa9-4af4" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=15780000 report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8PctHny4x7rdecw6em0Hlf95fFthGJNCt2NkN8PyGA%2Bucxu90EfRuGFFrYeMdn6bHr2sLC2OjzwQobHOUe9zYiwIXvJczAYsWNRLjK39iULxcy%2FmnXCddaOZPTn1jPJKi1w6Pa92wWqiU45%2BEMTejjOI"}],"group":"cf-nel","max_age":604800} content-type application/javascript; charset=utf-8 access-control-allow-origin * vary Accept-Encoding cache-control public, max-age=30672000 accept-ranges bytes cf-ray 71a2d127cd640219-ZRH expires Fri, 02 Jun 2023 13:08:45 GMT
GET H3	200	bootstrap.min.js Show response maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/	48 KB 14 KB	57ms 32ms	Script application/javascript	2606:4700::6812:acf CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/bootstrap.min.js Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://winmoney.playtowinapps.com/ Origin https://winmoney.playtowinapps.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT content-encoding br x-content-type-options nosniff cf-cache-status MISS cdn-edgestorageid 860 access-control-allow-origin * cdn-cachedat 03/10/2022 17:24:53 cdn-pullzone 252412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400 cdn-proxyver 1.02 timing-allow-origin * last-modified Mon, 25 Jan 2021 22:04:04 GMT server cloudflare cdn-requestpullcode 200 etag W/"14d449eb8876fa55e1ef3c2cc52b0c17" expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" strict-transport-security max-age=31536000; includeSubDomains; preload content-type application/javascript; charset=utf-8 cdn-cache HIT vary Accept-Encoding cache-control public, max-age=31919000 cdn-uid b1941f61-b576-4f40-80de-5677acb38f74 cdn-requestid 02f2a67a845030a9482116d84186c2b3 cf-ray 71a2d127b9b092ad-FRA cdn-requestcountrycode DE cdn-status 200 cdn-requestpullsuccess True
POST H2	204	collect www.google-analytics.com/g/	0 355 B	54ms 13ms	Ping text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-NGVZHMWGK0&gtm=2oe680&_p=1730067860&_z=ccd.tdB&cid=1094615406.1655039325&ul=en-us&sr=1600x1200&_s=1&sid=1655039325&sct=1&seg=0&dl=https%3A%2F%2Fwinmoney.playtowinapps.com%2F&dt=BOINTS&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NGVZHMWGK0 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Sun, 12 Jun 2022 13:08:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://winmoney.playtowinapps.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	js Show response www.googletagmanager.com/gtag/	108 KB 42 KB	32ms 31ms	Script application/javascript	2a00:1450:4001:82b::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=AW-643368850&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NGVZHMWGK0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 1c6c309d9adfaa6853f8aba73bef1df802ef2b1db3bd5a916d59d61555df71ff Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 43314 x-xss-protection 0 last-modified Sun, 12 Jun 2022 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Sun, 12 Jun 2022 13:08:45 GMT
GET H2	200	bg-desktop.svg winmoney.playtowinapps.com/assets/images/	7 KB 7 KB	272ms 272ms	Image image/svg+xml	52.20.140.8 AMAZON-AES
General Check archive.org Show headers Download Go to Show image Full URL https://winmoney.playtowinapps.com/assets/images/bg-desktop.svg Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/assets/css/style.css Protocol H2 Security TLS 1.3, , AES_128_GCM Server 52.20.140.8 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-52-20-140-8.compute-1.amazonaws.com Software istio-envoy / Resource Hash ba3a8f9da0a0db7de169ab64ffae9e1d01e18b8031255b28859e41a60e559898 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/assets/css/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT last-modified Sun, 12 Jun 2022 13:04:58 GMT server istio-envoy etag "62a5e47a-1b77" content-type image/svg+xml x-envoy-upstream-service-time 67 accept-ranges bytes content-length 7031
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	50ms 14ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://winmoney.playtowinapps.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 17:07:14 GMT x-content-type-options nosniff age 417691 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23580 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:48:56 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 07 Jun 2023 17:07:14 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	44ms 8ms	Font font/woff2	2a00:1450:4001:82a::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,300;0,400;0,700;0,900;1,900&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://winmoney.playtowinapps.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Tue, 07 Jun 2022 17:07:14 GMT x-content-type-options nosniff age 417691 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 23040 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:56:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 07 Jun 2023 17:07:14 GMT
GET H2	200	conversion_async.js Show response www.googleadservices.com/pagead/	39 KB 15 KB	56ms 20ms	Script text/javascript	172.217.18.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion_async.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=AW-643368850 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s42-in-f2.1e100.net Software cafe / Resource Hash 22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers date Sun, 12 Jun 2022 13:08:45 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 15069 x-xss-protection 0 server cafe etag 11223643544955582496 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Sun, 12 Jun 2022 13:08:45 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/643368850/	2 KB 2 KB	42ms 20ms	Script text/javascript	2a00:1450:4001:800::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/643368850/?random=1655039325443&cv=9&fst=1655039325443&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa680&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwinmoney.playtowinapps.com%2F&tiba=BOINTS&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion_async.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 0cfd7e3cbb71ede10554e727f0319a1c1081eb74bcd7a27b0febec4f50655efb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Sun, 12 Jun 2022 13:08:45 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1031 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/643368850/	42 B 548 B	44ms 21ms	Image image/gif	2a00:1450:4001:801::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/643368850/?random=1655039325443&cv=9&fst=1655038800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa680&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwinmoney.playtowinapps.com%2F&tiba=BOINTS&async=1&fmt=3&is_vtc=1&random=752410844&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Sun, 12 Jun 2022 13:08:45 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/643368850/	42 B 548 B	45ms 23ms	Image image/gif	2a00:1450:4001:812::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/643368850/?random=1655039325443&cv=9&fst=1655038800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa680&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwinmoney.playtowinapps.com%2F&tiba=BOINTS&async=1&fmt=3&is_vtc=1&random=752410844&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: winmoney.playtowinapps.com URL: https://winmoney.playtowinapps.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Sun, 12 Jun 2022 13:08:45 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	collect www.google-analytics.com/g/	0 17 B	29ms 14ms	Ping text/plain	2a00:1450:4001:811::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/g/collect?v=2&tid=G-NGVZHMWGK0&gtm=2oe680&_p=1730067860&_z=ccd.tdB&cid=1094615406.1655039325&ul=en-us&sr=1600x1200&_s=2&sid=1655039325&sct=1&seg=0&dl=https%3A%2F%2Fwinmoney.playtowinapps.com%2F&dt=BOINTS&en=scroll&_et=32&epn.percent_scrolled=90 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-NGVZHMWGK0 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://winmoney.playtowinapps.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36 Response headers pragma no-cache date Sun, 12 Jun 2022 13:08:50 GMT server Golfe2 content-type text/plain access-control-allow-origin https://winmoney.playtowinapps.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| google_tag_manager object| dataLayer function| gtag function| onYouTubeIframeAPIReady object| google_tag_data object| gaGlobal function| gtag_report_conversion function| $ function| jQuery function| Popper object| bootstrap function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.playtowinapps.com/	1970-01-20 21:15:11	Name: _ga_NGVZHMWGK0 Value: GS1.1.1655039325.1.0.1655039325.0
			.playtowinapps.com/	1970-01-20 21:15:11	Name: _ga Value: GA1.1.1094615406.1655039325
			.playtowinapps.com/	1970-01-20 05:53:35	Name: _gcl_au Value: 1.1.1633596188.1655039325
			.doubleclick.net/	1970-01-20 03:44:00	Name: test_cookie Value: CheckForPermission

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
maxcdn.bootstrapcdn.com
winmoney.playtowinapps.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
172.217.18.98
2606:4700::6811:180e
2606:4700::6812:acf
2a00:1450:4001:800::2002
2a00:1450:4001:801::2004
2a00:1450:4001:811::200e
2a00:1450:4001:812::2003
2a00:1450:4001:812::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
52.20.140.8
0cfd7e3cbb71ede10554e727f0319a1c1081eb74bcd7a27b0febec4f50655efb
1196dd03b29bc91259831d821f2325a67d90730fb8e59aa12e810a2fd73f685f
12f4c30a29ed66e7d0cfd3e8c752a2ca98fed2e254264269961d1c6d160027c5
1c6c309d9adfaa6853f8aba73bef1df802ef2b1db3bd5a916d59d61555df71ff
22f38bcd5544708fe83348bf6b068d4f521e0cb16c32d0256b7e027760114bad
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
47162d76d09b145133165aff30ba13926094ac31df2580081c991bebdfe708f2
47ee160875a67c7eb50b94b68fd4b58779bdd51a36f5b6b752855697e1b5c9f9
5ab62c018d990e0cf16909eea8bfd865c6738726d5255d42a7be531cb0c26712
5fdfd78033207827698a816375991eb52408a11563b67011bde8e2770c53a152
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
7e0634f7786e4ebc2dbcef706c1cdde588afe98c93f9b144ed24eff754372b8c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93b44ee0fe0587af6dfe65ca6fda775f7a79cadd3ea152d9597ef55c9a1bbec5
94ffa2104227ae45789531098f7d79011ee422579713a48096c1151ea7703562
a52f7aa54d7bcaafa056ee0a050262dfc5694ae28dee8b4cac3429af37ff0d66
a74f29d212e077aaa11f80bef006d2b362f8ad5ad63cbf215d5b2ceb75e44d63
ba3a8f9da0a0db7de169ab64ffae9e1d01e18b8031255b28859e41a60e559898
c384c45cbdd136303bd9d90c2598664a34f3e5174dac3a74e6118e736924262f
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d8222a5dada2ebde4cd9d234246a16a835440df3af28b06db1e2dd7923b0994d
e0dbc5b313b3be66b597669677906337218b07f90118741f65ff54b19ff26cc5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2927e5581ca45a00a076d0814f19f0e504e8d9993fa84321492ba144f776ccf