winusa.play-store-top.com Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://winusa.play-store-top.com/
Submission: On June 22 via api (June 22nd 2024, 8:01:33 pm UTC) from US — Scanned from NL

Summary HTTP 26 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 26 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is winusa.play-store-top.com.
TLS certificate: Issued by WE1 on June 18th 2024. Valid for: 3 months.

This is the only time winusa.play-store-top.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 10	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.74.202 142.250.74.202	15169 (GOOGLE) (GOOGLE)
1	172.64.147.188 172.64.147.188	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	172.67.139.119 172.67.139.119	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	216.58.206.54 216.58.206.54	15169 (GOOGLE) (GOOGLE)
26	5

10 188.114.96.3 (Amsterdam, Netherlands) 1 redirects

ASN13335 (CLOUDFLARENET, US)

winusa.play-store-top.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.74.202 (Plainview, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.147.188 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.67.139.119 (United States)

ASN13335 (CLOUDFLARENET, US)

ka-f.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 216.58.206.54 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f22.1e100.net

play-lh.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
11	googleusercontent.com play-lh.googleusercontent.com — Cisco Umbrella Rank: 534	2 MB
10	play-store-top.com 1 redirects winusa.play-store-top.com	200 KB
5	fontawesome.com kit.fontawesome.com — Cisco Umbrella Rank: 2060 ka-f.fontawesome.com — Cisco Umbrella Rank: 5357	101 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 83	1 KB
26	4

	Domain	Requested by
11	play-lh.googleusercontent.com
10	winusa.play-store-top.com	1 redirects winusa.play-store-top.com
4	ka-f.fontawesome.com	kit.fontawesome.com
1	kit.fontawesome.com	winusa.play-store-top.com
1	fonts.googleapis.com	winusa.play-store-top.com
26	5

This site contains links to these domains. Also see Links.

Domain
play.google.com
randompixels.ru

Subject Issuer	Validity	Valid
play-store-top.com WE1	`2024-06-18` - `2024-09-16`	3 months	crt.sh
upload.video.google.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh
*.fontawesome.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-04` - `2025-01-03`	a year	crt.sh
ka-f.fontawesome.com GTS CA 1P5	`2024-05-03` - `2024-08-01`	3 months	crt.sh
edgestatic.com WR2	`2024-06-03` - `2024-08-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://winusa.play-store-top.com/
Frame ID: 8784C195720C98E9ACE89155C5C500E7
Requests: 24 HTTP requests in this frame

Frame: https://winusa.play-store-top.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
Frame ID: 6ABA9F8BDD726963E40920A49041CB9D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

3 In A Row

Detected technologies

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
kit\.fontawesome\.com/([0-9a-z]+).js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

26
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2497 kB
Transfer

2862 kB
Size

6
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://play.google.com/store/apps/details?id=com.studio.pokstory&hl=en_US&pli=1
Title: Download

Search URL Search Domain Scan URL

URL: http://randompixels.ru/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6

https://winusa.play-store-top.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
https://winusa.play-store-top.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

26 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
winusa.play-store-top.com/ 20 KB
6 KB 966ms
917ms Document
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winusa.play-store-top.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3194fca63fbb40dd9178494c450cf8ee170f7b9d9ca1d9076d084f90bf1f59c5

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache, no-store, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 897ed488feff1e14-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 22 Jun 2024 20:01:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FYppeLXzPiuBmg7ITk46tU01dSuEFhI8r1RsI%2Fsi8H5YoejyHCMK8hXENADJGgm9SbP9yEUoECU4jENxFmDPpVQqjVMp6jnOmWYXC2I3CnzKKgwm7DG8%2FcEKQ2Cr%2F9%2FgpMxltXN3zhIg8SMx"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 css
fonts.googleapis.com/ 3 KB
1 KB 380ms
32ms Stylesheet
text/css 142.250.74.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Material+Icons|Material+Icons+Outlined|Material+Icons+Two+Tone|Material+Icons+Round|Material+Icons+Sharp

Requested by

Host: winusa.play-store-top.com
URL: https://winusa.play-store-top.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.202 Plainview, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f10.1e100.net

Software

ESF /

Resource Hash

09b4de76e295495530bbd9fa7b6b61d7bc00e2df4e23d2ceacfb4e002e5a9f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Sat, 22 Jun 2024 20:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 22 Jun 2024 20:01:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 22 Jun 2024 20:01:27 GMT

GET
H2 200 42d5adcbca.js Show response
kit.fontawesome.com/ 12 KB
5 KB 543ms
185ms Script
text/javascript 172.64.147.188
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://kit.fontawesome.com/42d5adcbca.js
Requested by: Host: winusa.play-store-top.com
URL: https://winusa.play-store-top.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.147.188 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dc03394c410b465031aaf12d8d4e3595633c006f79c30956f2c266a52be4dda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Origin: https://winusa.play-store-top.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
content-encoding: gzip
cf-cache-status: MISS
server: cloudflare
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
content-type: text/javascript
cache-control: max-age=60, public, stale-while-revalidate=30
cf-ray: 897ed490ffdd9188-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id: F9tsDVVc9jfiBfDIOwOi

GET
H3 200 main.c4b97f68.js Show response
winusa.play-store-top.com/static/js/ 402 KB
127 KB 207ms
206ms Script
application/javascript 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winusa.play-store-top.com/static/js/main.c4b97f68.js
Requested by: Host: winusa.play-store-top.com
URL: https://winusa.play-store-top.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80e4a6888c8c04d7e2fb76077a7c693c9ba7cb47e168616157fd505fb8afacfe

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 22 Dec 2023 13:06:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"658589bc-64635"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2hnVBvl93HKzFkbGQbnG0wEtPec5s7LE9nse1zBuWTwiQrOWCYheq4KVsjfQI3KXqctgB48AC5CdXg2IaHMq4%2BGMaa4vzsc90qsPO6%2BGqYhis5LxnQM%2FECKeZsACe2egv9m6gW0LK1ueewQR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=14400
cf-ray: 897ed4912ffe1e14-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 free.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 59 KB
13 KB 157ms
50ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=42d5adcbca
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/42d5adcbca.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
content-encoding: gzip
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XJRpN6oAT%2FDO3bGZqwvQ0XgrHRbX%2BDDTmWgUDz%2BVkY%2FxW1MVlpKz%2F0Q425eh4epoFP7n3ulQ9GjIPeOdc%2F3%2B55gGnjP2%2ByNMkfqfrtwWzcNpZmuH0G%2BHVhJ6MayW1%2FtaFlfUjnT1Rg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 897ed492de8391cf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: PTu_iHGikUrnJwkoqCAAUD9lM6koFSQmnXAubenJcKDU1HekH9qTRA==

GET
H3 200 free-v4-shims.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 26 KB
5 KB 187ms
80ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=42d5adcbca
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/42d5adcbca.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
content-encoding: gzip
via: 1.1 0d4b487d54766de7560aa02de852bbf8.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2vmVw%2F%2BqQIND3zkjHDaBy4roruHGsGGKe205UUd4GWvZsxJPqPRWBjCxOE%2FdScGgKrF0te1Al7KsMoVShqmPAWacdpoJ3YYc5CXIuYxz5FDpcKSWQbxdnqVL%2Bozny8OD4ViPFiU7Tg%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 897ed492de8791cf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: OqAELMtegI0bZsSVMQh7dyKrCYT8pe68ZK4oq5UZiPjAo0JTvD6_-A==

GET
H3 200 free-v4-font-face.min.css Show response
ka-f.fontawesome.com/releases/v5.15.4/css/ 3 KB
1 KB 181ms
74ms Fetch
text/css 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=42d5adcbca
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/42d5adcbca.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
content-encoding: gzip
via: 1.1 2e4a0520ad8fe16707823b20e9441e08.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
server: cloudflare
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Oa27%2B1SiASXK%2FqpdptgDq2YPBEwH9u5vq5YSARqbWL%2FrzcuAEAkyymWE15v8YRN0ucxdrNVrkTZ97IEzPFn1CH5DXAq9Z9DhD29L2raDuYAdvHrPIhb%2F6THf%2B88O9zXbgKguhbUUHA%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
cf-ray: 897ed492de8591cf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: F78HVGzpOmmyLjvO5DQVYPhUbT1PqTzBMD4E2ld9ziwjfgc6hGO4rw==

GET
H3

200

main.js Show response
winusa.play-store-top.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/ Frame 6ABA
Redirect Chain

https://winusa.play-store-top.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
https://winusa.play-store-top.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

8 KB
4 KB

34ms
33ms

Script
application/javascript

188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://winusa.play-store-top.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js

Protocol

Server

188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a08802d1f8fc668b0788a3d19045fd1878660f1e4aeafa91428115facb1108f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OCk%2BSB5Vnr3qJUkwdhtH1BTpo1EC2wrRWfRhkeEoJ3D1oBbszXp9EeKnv78pVg2ho7qbknWc5tMT7xC5scYP%2Byk8v7xtSoY4ScK%2FJQjq1UZRskM1YDZ5W0Mb%2FmA8%2FewoN%2FFR%2FrX1YPGO0JPw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
cf-ray: 897ed493bcd81e14-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 22 Jun 2024 20:01:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qg4Ziarr30Uuc%2Fn%2FwAOMuakxWniHkROPeBr17ThYupoCZyz%2B%2FYZofQy%2BX%2FFzRjipr%2Ftm79HW1cM7jCuxdopdhkAYA3kp%2B7yx2st6l4HR4S3SEXSC6TybUQTGubbaPeLZvYWwQ7gL1oDs5iwP"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/c7e29c8c8b6e/main.js
access-control-allow-origin: *
cache-control: max-age=300, public
cf-ray: 897ed4937c801e14-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 3zXNOKA_beYoyTlggyZ0xu8zUmrvG6YG4s7obk_vfpi5V1YPLwSSxZBy4Tu9eIUNcms
play-lh.googleusercontent.com/ 282 KB
282 KB 549ms
185ms Image
image/png 216.58.206.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/3zXNOKA_beYoyTlggyZ0xu8zUmrvG6YG4s7obk_vfpi5V1YPLwSSxZBy4Tu9eIUNcms

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f22.1e100.net

Software

fife /

Resource Hash

e153c79df041f829f401ce1fb7733d9f23542f39878079476a311cf697540cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 288736
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 23 Jun 2024 20:01:28 GMT

GET
H2 200 RXmq3chY1jZgz_ZGiD3BWoHNw6zr7YRizNEvvx2QhuYNhhhrR4qvfQejLknZGCuZRpAo
play-lh.googleusercontent.com/ 200 KB
201 KB 673ms
310ms Image
image/png 216.58.206.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/RXmq3chY1jZgz_ZGiD3BWoHNw6zr7YRizNEvvx2QhuYNhhhrR4qvfQejLknZGCuZRpAo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f22.1e100.net

Software

fife /

Resource Hash

7ab1f7661cbcadeae28a9a72dc825dcee08807f1178f93b639ddb5643ea4da59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205195
x-xss-protection: 0
expires: Sun, 23 Jun 2024 20:01:28 GMT

GET
H2 200 AxCzGej1w6SE2nCkbsMco6PCkTJK16pkh7e-M-V2HDhLKifBJKjIWgeLTjEIk_PQeqk
play-lh.googleusercontent.com/ 202 KB
202 KB 651ms
288ms Image
image/png 216.58.206.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/AxCzGej1w6SE2nCkbsMco6PCkTJK16pkh7e-M-V2HDhLKifBJKjIWgeLTjEIk_PQeqk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f22.1e100.net

Software

fife /

Resource Hash

7ecc378c843638fb0d8fec1c1f3c8ca517a6c879cb7091b45554dcd0ec4bd0da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206450
x-xss-protection: 0
expires: Sun, 23 Jun 2024 20:01:28 GMT

GET
H2 200 kSU8EF_0th5mK_DgUiNOixaUJ94zNNkR0_riEExZGBVM6RCt5rrz4AcuC9oJpexP_w
play-lh.googleusercontent.com/ 202 KB
202 KB 700ms
337ms Image
image/png 216.58.206.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/kSU8EF_0th5mK_DgUiNOixaUJ94zNNkR0_riEExZGBVM6RCt5rrz4AcuC9oJpexP_w

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f22.1e100.net

Software

fife /

Resource Hash

aa409df4060498c08f7af26a748ba94725ef990704b40425541d7f3afda7e9b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206499
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 23 Jun 2024 20:01:28 GMT

GET
H2 200 XCblMBjrUaXv3DDNFkzwGbLknW6SQBncJwGUIi0qSy3PtGhf97REAquFN6A9iekTvSV-
play-lh.googleusercontent.com/ 202 KB
202 KB 626ms
263ms Image
image/png 216.58.206.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/XCblMBjrUaXv3DDNFkzwGbLknW6SQBncJwGUIi0qSy3PtGhf97REAquFN6A9iekTvSV-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f22.1e100.net

Software

fife /

Resource Hash

aa409df4060498c08f7af26a748ba94725ef990704b40425541d7f3afda7e9b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206499
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 23 Jun 2024 20:01:28 GMT

GET
H2 200 l-nqkkl1Zm0NqKrbr8DRL5dMeQPBUOQZvDlish1DBwcBHjSh6BiKZ4SD_8pLgJ-0nmU
play-lh.googleusercontent.com/ 200 KB
201 KB 730ms
368ms Image
image/png 216.58.206.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/l-nqkkl1Zm0NqKrbr8DRL5dMeQPBUOQZvDlish1DBwcBHjSh6BiKZ4SD_8pLgJ-0nmU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f22.1e100.net

Software

fife /

Resource Hash

7ab1f7661cbcadeae28a9a72dc825dcee08807f1178f93b639ddb5643ea4da59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205195
x-xss-protection: 0
expires: Sun, 23 Jun 2024 20:01:28 GMT

GET
H2 200 -VV-zJn1leeFt23M1kFbKJZvrPY-FL7uG6dv8ZQdn2Aer2NQZAYr0wjByWbHnNi-og
play-lh.googleusercontent.com/ 202 KB
202 KB 290ms
289ms Image
image/png 216.58.206.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/-VV-zJn1leeFt23M1kFbKJZvrPY-FL7uG6dv8ZQdn2Aer2NQZAYr0wjByWbHnNi-og

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f22.1e100.net

Software

fife /

Resource Hash

7ecc378c843638fb0d8fec1c1f3c8ca517a6c879cb7091b45554dcd0ec4bd0da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206450
x-xss-protection: 0
expires: Sun, 23 Jun 2024 20:01:28 GMT

GET
H2 200 xB5cQTsWi5oqqmRdfATFRs6dpIP1qojaaEeTJYI4fHabfWo4ElZ5_-VnN-Tyx4QKCw
play-lh.googleusercontent.com/ 202 KB
202 KB 560ms
560ms Image
image/png 216.58.206.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/xB5cQTsWi5oqqmRdfATFRs6dpIP1qojaaEeTJYI4fHabfWo4ElZ5_-VnN-Tyx4QKCw

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f22.1e100.net

Software

fife /

Resource Hash

aa409df4060498c08f7af26a748ba94725ef990704b40425541d7f3afda7e9b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:28 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.png"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206499
x-xss-protection: 0
expires: Sun, 23 Jun 2024 20:01:28 GMT

GET
H2 200 Xe7qxJJSjBo8Yaa-Hvy60nKDHnI11Lq4_bkQXYradAMD3AlVCHelmSG2VjhVW2mN874
play-lh.googleusercontent.com/ 200 KB
201 KB 203ms
202ms Image
image/png 216.58.206.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/Xe7qxJJSjBo8Yaa-Hvy60nKDHnI11Lq4_bkQXYradAMD3AlVCHelmSG2VjhVW2mN874

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f22.1e100.net

Software

fife /

Resource Hash

7ab1f7661cbcadeae28a9a72dc825dcee08807f1178f93b639ddb5643ea4da59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205195
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 23 Jun 2024 20:01:28 GMT

GET
H2 200 PyzZPqHShWSImnvgxc_yTt1BUEE8sD6OwqOOR7CC07uWWLgF6HIhe7gDyMFfyQaMnUs
play-lh.googleusercontent.com/ 202 KB
202 KB 228ms
227ms Image
image/png 216.58.206.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/PyzZPqHShWSImnvgxc_yTt1BUEE8sD6OwqOOR7CC07uWWLgF6HIhe7gDyMFfyQaMnUs

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f22.1e100.net

Software

fife /

Resource Hash

7ecc378c843638fb0d8fec1c1f3c8ca517a6c879cb7091b45554dcd0ec4bd0da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 206450
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 23 Jun 2024 20:01:28 GMT

GET
H2 200 rVMKNNFkXx7A5zvPYfn-XeUfVZfZpca4UNQnxAW-RR7XePuMRa0WKh-WIDV7mXLs4Q
play-lh.googleusercontent.com/ 100 KB
100 KB 620ms
286ms Image
image/png 216.58.206.54
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://play-lh.googleusercontent.com/rVMKNNFkXx7A5zvPYfn-XeUfVZfZpca4UNQnxAW-RR7XePuMRa0WKh-WIDV7mXLs4Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.54 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f22.1e100.net

Software

fife /

Resource Hash

1603fe23ec4e8b8fca61da8a09396a40a2729094b582bbf409f1316ef7f5b19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:28 GMT
x-content-type-options: nosniff
age: 0
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102646
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 23 Jun 2024 20:01:28 GMT

GET
H3 200 normal.woff2
winusa.play-store-top.com/cf-fonts/s/roboto/5.0.11/latin/400/ 15 KB
16 KB 107ms
106ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winusa.play-store-top.com/cf-fonts/s/roboto/5.0.11/latin/400/normal.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Origin: https://winusa.play-store-top.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8UKy00r%2BrcmA74Mjie6qexTRbf0vWc2WVlb90Z5oZU8zfU9K1oc84pCd0yqKXcYbj8J4Bery8uvw76ND0M32Py2mODVvaKZWNM3PlASfeg0zeh1D3IA3oZxm1B58qtgMR2u5zsGV9afQ9LRm"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 897ed493dd161e14-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15744

GET
H3 200 normal.woff2
winusa.play-store-top.com/cf-fonts/s/roboto/5.0.11/latin/700/ 15 KB
16 KB 116ms
115ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winusa.play-store-top.com/cf-fonts/s/roboto/5.0.11/latin/700/normal.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Origin: https://winusa.play-store-top.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0vfx6h9Jn5WzMO0hBoLIIulvjzsKlincsWY%2FxMMDbFr9jsRJTQhZx1Gw5%2F0YbGV7YSw44d3dZiQrbLGMH%2ByKKXSVma9GgNCoSGjZ%2BJUU7A8jfmxaRZO%2FbtLgSHZRDaMowuaxfdnJFNK5Q9ym"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 897ed493dd181e14-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15860

GET
H3 200 normal.woff2
winusa.play-store-top.com/cf-fonts/s/roboto/5.0.11/latin/300/ 15 KB
16 KB 153ms
152ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winusa.play-store-top.com/cf-fonts/s/roboto/5.0.11/latin/300/normal.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Origin: https://winusa.play-store-top.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5pgyBU9Lx2wcpf96oqdsVbqL%2FLi5Op8qTKUMVGh2aNea9Eva3eboyqMBzJLV8b8T9b318Y8RP2E5bD5arh02%2BI70S0ojRY6mH6giGBZ8FJR65E%2B0XvTNTbAPcRwY5nnDh0HnnsOFPr2j%2FMlD"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 897ed4942d951e14-FRA
alt-svc: h3=":443"; ma=86400
content-length: 15740

GET
H3 200 normal.woff2
winusa.play-store-top.com/cf-fonts/s/roboto-slab/5.0.18/latin/700/ 14 KB
14 KB 168ms
168ms Font
application/octet-stream 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winusa.play-store-top.com/cf-fonts/s/roboto-slab/5.0.18/latin/700/normal.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d531d2326ba02994a585f666486d2bbb664425608a707fe1ea0a6d5935f30806

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Origin: https://winusa.play-store-top.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FJqMcFnt5xoG51l9aoJkl6aHqFWMZGVF4%2BvmXA7m33%2BmAx6YBBLLP1TR2K7I9bsiBTSqAOp%2BVyUsaNOwmWycgKyoP%2BltWh9BMt6khWgIoNNmQiT2yV3zJGG1P6KxSUNVQydLUN3zkExym7pN"}],"group":"cf-nel","max_age":604800}
cache-control: public, max-age=31536000, immutable
cf-ray: 897ed4942d991e14-FRA
alt-svc: h3=":443"; ma=86400
content-length: 14240

GET
H3 404 favicon.ico
winusa.play-store-top.com/ 548 B
556 B 225ms
225ms Other
text/html 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winusa.play-store-top.com/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BAiIG0bLiY3WbgdmJEAdlyymfXJ3AO9YI3UuMNlsVefOpXTYOgH0qRNtb9pYta6iQXPlL%2FqWX0Xs87hVHdNTR3NpdkS%2F%2Bj%2Bh7FCbQW4J91pKGmrjsQVpGhAf8Vt3CJaPymnPEYFrDBH%2Fd5S7"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: max-age=14400
cf-ray: 897ed4942d9d1e14-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 free-fa-solid-900.woff2
ka-f.fontawesome.com/releases/v5.15.4/webfonts/ 76 KB
77 KB 48ms
48ms Font
font/woff2 172.67.139.119
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-f.fontawesome.com/releases/v5.15.4/webfonts/free-fa-solid-900.woff2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.139.119 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer: https://winusa.play-store-top.com/
Origin: https://winusa.play-store-top.com
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
via: 1.1 8e83c42d247a31c5b365c08a0352d8f8.cloudfront.net (CloudFront)
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop: FRA56-C2
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 78168
last-modified: Wed, 04 Aug 2021 18:58:24 GMT
server: cloudflare
etag: "a9fd1225fb2cd32320e2b931dca01089"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x2T5GD5whC7KhCs6oii4AG6IkZT9g1OCX07lyzcGpgUnMAW0%2Fil8BZogtBfRUE5wudUG8yAzfcfXZ%2BIIQmV1bVlcMdel0Rr%2BBePaJeuhUuUtSolcZhLQ6pXRywa4%2Bl76J1W6T2kAbw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=31556926
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 897ed493af6691cf-FRA
access-control-allow-headers: fa-kit-token
x-amz-cf-id: NDlUnIdmij9KnSSFSk7Ycr_Mv2stOKMu0ZmIpWJQXTmfKVFoMqTLLQ==

POST
H3 200 897ed488feff1e14 Show response
winusa.play-store-top.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame 6ABA 0
702 B 197ms
183ms XHR
text/plain 188.114.96.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://winusa.play-store-top.com/cdn-cgi/challenge-platform/h/b/jsd/r/897ed488feff1e14
Requested by: Host: winusa.play-store-top.com
URL: https://winusa.play-store-top.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-platform: "Win32"
Referer
Accept-Language: nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 22 Jun 2024 20:01:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hrG%2BafPrasOFjSapLRHLBM1hPp1T%2FGST8oRKxon%2FRvnn0rSXP7wHYZ7FS%2FAKklryWGcnN1nl%2F95x9zO15%2FkWiAhUE0JjHbPCmkh%2B%2F4gQ%2FOzFf%2FZiHg2e1cZARx15gxqUtc6U6X9UXQ0veseq"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 897ed4947e191e14-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
winusa.play-store-top.com/	1970-01-21 06:17:02	Name: piuida2wx7x Value: 3553e5a0-30d2-11ef-becc-75b21dead8bb
winusa.play-store-top.com/	1970-01-21 06:17:02	Name: pcpnrv62oz Value: white1
winusa.play-store-top.com/	1970-01-21 06:17:02	Name: pwaid9cemfq Value: EZR4
winusa.play-store-top.com/	1970-01-21 06:17:02	Name: splitidbltl7i Value: -1
winusa.play-store-top.com/	1970-01-21 06:17:02	Name: sdatafzfntu Value: qtUl66zrv8QL7PdO8XK8LHh1LRMPcNEog318mYm4wmk%3D
.play-store-top.com/	1970-01-21 06:17:02	Name: cf_clearance Value: G4VZbrzdRsPMiLHgKb44GtP1sHRnxyFiyJIV1zjdDQQ-1719086487-1.0.1.1-Pd6gQhCK3kUxqafWMaSyRGu9sVTQb1nyjLIOB_zpi1NMcHi1Udv1yJCwOacKxFYjKSDjkw2060ljfo9GU0UrXg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://winusa.play-store-top.com/favicon.ico Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
ka-f.fontawesome.com
kit.fontawesome.com
play-lh.googleusercontent.com
winusa.play-store-top.com
142.250.74.202
172.64.147.188
172.67.139.119
188.114.96.3
216.58.206.54
09b4de76e295495530bbd9fa7b6b61d7bc00e2df4e23d2ceacfb4e002e5a9f7e
1603fe23ec4e8b8fca61da8a09396a40a2729094b582bbf409f1316ef7f5b19c
3194fca63fbb40dd9178494c450cf8ee170f7b9d9ca1d9076d084f90bf1f59c5
6dc03394c410b465031aaf12d8d4e3595633c006f79c30956f2c266a52be4dda
6dea47458a4cd7cd7312cc780a53c62e0c8b3ccc8d0b13c1ac0ea6e3dfcecea8
7ab1f7661cbcadeae28a9a72dc825dcee08807f1178f93b639ddb5643ea4da59
7ecc378c843638fb0d8fec1c1f3c8ca517a6c879cb7091b45554dcd0ec4bd0da
7f8b63bff49fba3c5bae30f4eb39f2fd6d088fbe9d7292bdf37b0ef4a1ec68d6
80e4a6888c8c04d7e2fb76077a7c693c9ba7cb47e168616157fd505fb8afacfe
a08802d1f8fc668b0788a3d19045fd1878660f1e4aeafa91428115facb1108f5
aa409df4060498c08f7af26a748ba94725ef990704b40425541d7f3afda7e9b8
c5dd43f53f3af822cbf17b1fb75f46192cdbd51724f277acf6cf0dacb3fd57e7
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
d531d2326ba02994a585f666486d2bbb664425608a707fe1ea0a6d5935f30806
e153c79df041f829f401ce1fb7733d9f23542f39878079476a311cf697540cce
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
fc5128dfdcdfa0c3a9967a6d2f19399d7bf1aaae6ad7571b96b03915a1f30dda

winusa.play-store-top.com Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

26 Requests

96 %HTTPS

0 %IPv6

4 Domains

5 Subdomains

5 IPs

2 Countries

2497 kBTransfer

2862 kBSize

6 Cookies

2 Outgoing links

Redirected requests

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

6 Cookies

1 Console Messages

Indicators

winusa.play-store-top.com Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

26
Requests

96 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

2497 kB
Transfer

2862 kB
Size

6
Cookies

26 HTTP transactions
0 data transactions