URL: https://5play.org/index.php?do=cdn&id=160385&lang=en
Submission Tags: falconsandbox
Submission: On October 01 via api from US — Scanned from DE

Summary

This website contacted 6 IPs in 2 countries across 5 domains to perform 17 HTTP transactions. The main IP is 2606:4700:20::ac43:4790, located in United States and belongs to CLOUDFLARENET, US. The main domain is 5play.org. The Cisco Umbrella rank of the primary domain is 390910.
TLS certificate: Issued by WE1 on September 24th 2024. Valid for: 3 months.
This is the only time 5play.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 2606:4700:20:... 13335 (CLOUDFLAR...)
3 178.63.248.56 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 157.90.33.68 24940 (HETZNER-AS)
1 2001:4860:480... 15169 (GOOGLE)
17 6
    Apex Domain           Subdomains                                                Transfer
10  5play.org             5play.org — Cisco Umbrella Rank: 390910                   143 KB
3   push-sdk.com          push-sdk.com — Cisco Umbrella Rank: 44321                 16 KB
2   uidsync.net           uidsync.net — Cisco Umbrella Rank: 44386                  704 B
1   google-analytics.com  region1.google-analytics.com — Cisco Umbrella Rank: 3391
1   googletagmanager.com  www.googletagmanager.com — Cisco Umbrella Rank: 57        105 KB
17  5
Domain Requested by
10 5play.org 5play.org
3 push-sdk.com 5play.org, push-sdk.com
2 uidsync.net push-sdk.com
1 region1.google-analytics.com www.googletagmanager.com
1 www.googletagmanager.com 5play.org
17 5

This site contains links to these domains.

Domain
t.me
s1.5playdisk.com
www.facebook.com
accounts.google.com

Subject                 Issuer                                          Validity                 Valid
5play.org               WE1                                             2024-09-24 - 2024-12-23  3 months
push-sdk.com            R11                                             2024-08-11 - 2024-11-09  3 months
*.google-analytics.com  WR2                                             2024-09-16 - 2024-12-09  3 months
uidsync.net             Sectigo RSA Domain Validation Secure Server CA  2023-12-30 - 2025-01-29  a year

This page contains 1 frame:

Primary Page: https://5play.org/index.php?do=cdn&id=160385&lang=en
Frame ID: 2184B0C705AFC8B84C955059B3B9202F
Requests: 17 HTTP requests in this frame

Page Title

Downloading file bitlife-life-simulator-3.15.7-mod-t-5play.apk

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)

Overall confidence: 100%
Detected patterns
  • <a[^>]*accounts\.google\.com/o/oauth2

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 17
HTTPS: 100 %
IPv6: 60 %
Domains: 5
Subdomains: 5
IPs: 6
Countries: 2
Transfer: 264 kB
Size: 745 kB
Cookies: 5

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request index.php
5play.org/
20 KB
8 KB
Document
General
Full URL
https://5play.org/index.php?do=cdn&id=160385&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.16
Resource Hash
18e9eb4854fcc7de22c5664cca05760daf6522a027779bdc7ae2b931d8168750
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
8cbd87b089805c68-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Tue, 01 Oct 2024 15:36:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mTr%2F8HHvxZobjFdGYemReRzaE2r%2FAUNPyT%2FVIcDdc0aRD3gddRiVY%2Fs4f2ZlBacLlbNJrKhZOJGUPS7L45AetcfA5e5gLfwpYvI%2FYK5uAXZRO5fQYB%2Bi0rZgCc2lOOfVxRmyoYZmwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=31536000
x-frame-options
SAMEORIGIN
x-powered-by
PHP/8.1.16
manrope-v3-cyrillic-700.woff2
5play.org/templates/5p/fonts/
16 KB
17 KB
Font
General
Full URL
https://5play.org/templates/5p/fonts/manrope-v3-cyrillic-700.woff2
Requested by
Host: 5play.org
URL: https://5play.org/index.php?do=cdn&id=160385&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
01893ff10dff05bd1c457646e42a4acb5fdec937609a7cf61b8a2f795f311d77
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://5play.org
Referer
https://5play.org/index.php?do=cdn&id=160385&lang=en

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"4178-5b96633adcdb5"
age
2496
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1SpeiwynBIDgyKbIoqBnhqgSoMZsyfx6229mGfHvmVzZTpjbt0Q%2BlD%2F3bDby3krterWtoHr87qcbE0iZc7fhb3JRXQ0FndNi2nHLtw40qKcNUDDhujdUzJfqIOGW6w7cpXPXJYMMBw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cbd87b19a955c68-FRA
accept-ranges
bytes
content-length
16760
date
Tue, 01 Oct 2024 15:36:45 GMT
last-modified
Thu, 21 Jan 2021 10:04:48 GMT
vary
Accept-Encoding
server
cloudflare
manrope-v3-cyrillic-regular.woff2
5play.org/templates/5p/fonts/
16 KB
17 KB
Font
General
Full URL
https://5play.org/templates/5p/fonts/manrope-v3-cyrillic-regular.woff2
Requested by
Host: 5play.org
URL: https://5play.org/index.php?do=cdn&id=160385&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a8e6f416da5d12fc14305d07e5ad690e92e8a9de9f65ce67e46e1fd6e2ed783
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://5play.org
Referer
https://5play.org/index.php?do=cdn&id=160385&lang=en

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"4184-5b96633b5d860"
age
2496
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TCmFYtB0OtL%2FKgdpmyl7aHGqiGJI3yATp7IOHMzxSYruQoLcqRzLzCCpMkmySIO4CP1yk%2F2FvbTheY4w4ZgB45zg2QaVmrHzCf3kI3POSIHE2XQRN2XxJ8XZSAgTbNoa27KkjAETPw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cbd87b19a975c68-FRA
accept-ranges
bytes
content-length
16772
date
Tue, 01 Oct 2024 15:36:45 GMT
last-modified
Thu, 21 Jan 2021 10:04:48 GMT
vary
Accept-Encoding
server
cloudflare
core.css
5play.org/templates/5p/css/
38 KB
10 KB
Stylesheet
General
Full URL
https://5play.org/templates/5p/css/core.css?v=1.81
Requested by
Host: 5play.org
URL: https://5play.org/index.php?do=cdn&id=160385&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3cbe8239802014d3b38a1af128fa47e64317114b5809d39d2908588544699fa4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://5play.org/index.php?do=cdn&id=160385&lang=en

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"b349-5bb1fddebb969"
age
2583
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iuRz%2FQN%2Bpk%2B9rFAzYim06JxqpOZ0NkVI5EU12qtVHPx8InjBSHgzNPIgFMvMlcnTQI1vGT%2Bf9hrs8YDg2gPSshS9eWi3wZwyxs%2F%2FyM0XIdYftFGu%2BgxW6sxwC0UN7yUo%2BGnv%2FJaPig%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=45897
date
Tue, 01 Oct 2024 15:36:45 GMT
content-type
text/css
last-modified
Fri, 12 Feb 2021 09:00:25 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cbd87b19a995c68-FRA
server
cloudflare
cdn.css
5play.org/templates/5p/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://5play.org/templates/5p/css/cdn.css?v=1.45
Requested by
Host: 5play.org
URL: https://5play.org/index.php?do=cdn&id=160385&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
caf0f47054e554aa6ae75aa3c70099c7d4788132779c4002195f18538aab4956
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://5play.org/index.php?do=cdn&id=160385&lang=en

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"16e8-5d317caf8a71c"
age
3363
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x7EorJs9STU%2FbBXJRobJFfig7q4k4ywILPaYRG%2FPzl%2BWoD7j0EOS6Ejrv508FMTLctIIZexmhIeF%2BKKZdYi2kHuTWTXxBjMZ7D%2BTdHavEqnj2FBRoFBrzpZr2jGF%2BRbE8Sg6MIileA%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origSize=5864
date
Tue, 01 Oct 2024 15:36:45 GMT
content-type
text/css
last-modified
Tue, 14 Dec 2021 09:27:06 GMT
vary
Accept-Encoding
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cbd87b19a9d5c68-FRA
server
cloudflare
1720251574_1.webp
5play.org/uploads/posts/2024-07/
5 KB
6 KB
Image
General
Full URL
https://5play.org/uploads/posts/2024-07/1720251574_1.webp
Requested by
Host: 5play.org
URL: https://5play.org/index.php?do=cdn&id=160385&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
322cdfae11e8ab5383360566c88237ac67114a61592e62feba61f4f52b51fc49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://5play.org/index.php?do=cdn&id=160385&lang=en

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"14b6-61c8f42e3da97"
age
1347
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OeI2jzV8c%2F4EfIu1nlzl6f7sz%2BlOaL4uHXCI8DK0z8S6Mfg6e48V8kb7RIvQXKkwf8xIW%2B2CWlkmFFDqqt6Y2VKMkafQCbtMoEGHb2Exm0M7c4BKHLoMUivlOV5hvFlkRTGIg5oUyw%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8cbd87b19a9e5c68-FRA
accept-ranges
bytes
content-length
5302
date
Tue, 01 Oct 2024 15:36:45 GMT
content-type
image/webp
last-modified
Sat, 06 Jul 2024 07:38:08 GMT
vary
Accept-Encoding
server
cloudflare
rocket-loader.min.js
5play.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://5play.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: 5play.org
URL: https://5play.org/index.php?do=cdn&id=160385&lang=en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://5play.org/index.php?do=cdn&id=160385&lang=en

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"66f525c6-302c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SeeKV5Tgb1P6Yn3HRXiYjZGoqxDIv2NDIQdfk82pl8xkbwT6Fc68Rer%2FWHQ9kf018B4kOg7iDAIE9vq8Ph5lFcTSzq5hYO05xi1SujEOADHymncrW7QGowm5o%2F1Fj7GXG0eJwrLsDg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8cbd87b1aabd5c68-FRA
expires
Thu, 03 Oct 2024 15:36:45 GMT
date
Tue, 01 Oct 2024 15:36:45 GMT
content-type
application/javascript
last-modified
Thu, 26 Sep 2024 09:13:42 GMT
server
cloudflare
vary
Accept-Encoding
sdk.js
push-sdk.com/f/
52 KB
15 KB
Script
General
Full URL
https://push-sdk.com/f/sdk.js?z=1158028
Requested by
Host: 5play.org
URL: https://5play.org/index.php?do=cdn&id=160385&lang=en
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.56 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub5.1push.io
Software
Angie /
Resource Hash
7a54a48535e98ca46d1275d906a69cb3a95a5026a5034ef300ec56318155d38e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://5play.org/

Response headers

cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate
content-length
15349
content-encoding
gzip
date
Tue, 01 Oct 2024 15:36:45 GMT
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
server
Angie
js
www.googletagmanager.com/gtag/
314 KB
105 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-TS73N6ZFZC
Requested by
Host: 5play.org
URL: https://5play.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
eb447b48cf8f598bccd30f4853caa41f6c5635c877c19246130f80697036e154
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://5play.org/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Tue, 01 Oct 2024 15:36:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 15:36:45 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
106665
x-xss-protection
0
server
Google Tag Manager
index.php
5play.org/engine/classes/min/
179 KB
48 KB
Script
General
Full URL
https://5play.org/engine/classes/min/index.php?f=engine/classes/js/jqueryui3.js,engine/classes/js/dle_js.js&v=54pu2
Requested by
Host: 5play.org
URL: https://5play.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.16
Resource Hash
ac4b9a9fce7188e3908b306f629c5a7378f6b4c526e215ca22be6210e66b6c26
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://5play.org/index.php?do=cdn&id=160385&lang=en

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"pub1723623419;gz"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pw%2BTtbMRNv5dVn7jYrfpIa95vuhHYEzCZKr%2FRi6kwk9k8rqkbBIq2%2Bp1Im0pkVxJLD%2BTiT2s6I2LEYDyeaSF3PN45TbBIAvpv5G%2B%2FTsr06p5NcAw8CZU44vQ%2BBFuQEAU7e26cmrAsg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 01 Oct 2025 15:36:45 GMT
date
Tue, 01 Oct 2024 15:36:45 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 14 Aug 2024 08:16:59 GMT
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cbd87b1fb055c68-FRA
content-length
48182
x-powered-by
PHP/8.1.16
server
cloudflare
index.php
5play.org/engine/classes/min/
86 KB
30 KB
Script
General
Full URL
https://5play.org/engine/classes/min/index.php?g=general3&v=54pu2
Requested by
Host: 5play.org
URL: https://5play.org/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.1.16
Resource Hash
ede043e4ec62043bc92859cb1c78d700d8a457b69dc8ae7595e192b89f68a3ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://5play.org/index.php?do=cdn&id=160385&lang=en

Response headers

content-encoding
gzip
cf-cache-status
DYNAMIC
etag
"pub1723623419;gz"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yPPflcwU6q1K0FISLd7vEr%2FujOmLgq3i3RXX8osXaOMFPUu4foIJQYxfYKed7AI9KOIG10LUrpeXrcxQCtO%2BTT6%2BQJoR3C22AT79QrO%2FXjHu6KqCt8ky6o2Iyeuyx%2BogbGEs67hLDg%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 01 Oct 2025 15:36:45 GMT
date
Tue, 01 Oct 2024 15:36:45 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 14 Aug 2024 08:16:59 GMT
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cbd87b1fb075c68-FRA
content-length
30423
x-powered-by
PHP/8.1.16
server
cloudflare
truncated
/
160 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
21ae9f1bb8cf8feb4eab2950a425cb87f941151762307b61e2b21d12ab1773db

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer

Response headers

Content-Type
image/svg+xml
event
push-sdk.com/
0
523 B
Ping
General
Full URL
https://push-sdk.com/event?z=1158028
Requested by
Host: push-sdk.com
URL: https://push-sdk.com/f/sdk.js?z=1158028
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.56 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub5.1push.io
Software
Angie /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://5play.org/

Response headers

access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin
https://5play.org
content-length
0
date
Tue, 01 Oct 2024 15:36:45 GMT
server
Angie
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
f32.png
5play.org/templates/5p/images/favicon/
584 B
1 KB
Other
General
Full URL
https://5play.org/templates/5p/images/favicon/f32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::ac43:4790 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d02ac58b23be3e2bcf8d866bb0a7c161eebe2235ba276978bfe06920a9d11c8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://5play.org/index.php?do=cdn&id=160385&lang=en

Response headers

cf-bgj
imgq:85,h2pri
etag
"35d-5b96633f05d5c"
age
797
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dZBowT21nL6DP1Orht7NEYqN0HgBuZ7UqpB%2BsTYyDzL6YqybM8YOe0HVMSR1NrkqK2qp2Dd%2BTUjg9OO32D57kpRBLdjxZ85pwTpKnhsVPNgDtnTOayOpQ0lW8MSC1GMbfQYSxUgrNg%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-polished
origFmt=png, origSize=861
date
Tue, 01 Oct 2024 15:36:45 GMT
content-type
image/webp
content-disposition
inline; filename="f32.webp"
vary
Accept
last-modified
Thu, 21 Jan 2021 10:04:52 GMT
strict-transport-security
max-age=31536000
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8cbd87b25b505c68-FRA
accept-ranges
bytes
content-length
584
server
cloudflare
sync
uidsync.net/
62 B
704 B
Fetch
General
Full URL
https://uidsync.net/sync?user_id=KQUsPtS81vlbQ6bXBP9i0n
Requested by
Host: push-sdk.com
URL: https://push-sdk.com/f/sdk.js?z=1158028
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.68 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub1.1push.io
Software
Angie /
Resource Hash
e05eeec46cdc7eb969c22a133f4d7d8cdf6b54068d73730bd5c44d5f898cfa40

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
application/json
Referer
https://5play.org/

Response headers

access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin
https://5play.org
content-length
62
date
Tue, 01 Oct 2024 15:36:45 GMT
content-type
application/json; charset=utf-8
server
Angie
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
sync
uidsync.net/
0
0
Preflight
General
Full URL
https://uidsync.net/sync?user_id=KQUsPtS81vlbQ6bXBP9i0n
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
157.90.33.68 Ismaning, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub1.1push.io
Software
Angie /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://5play.org
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://5play.org
access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
date
Tue, 01 Oct 2024 15:36:45 GMT
expires
Tue, 11 Jan 1994 00:00:00 GMT
pragma
no-cache
server
Angie
collect
region1.google-analytics.com/g/
0
0
Fetch
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-TS73N6ZFZC&gtm=45je49u0v9138014485za200&_p=1727797005211&gcd=13l3lPl2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101686685~101747727&cid=1789654841.1727797005&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727797005&sct=1&seg=0&dl=https%3A%2F%2F5play.org%2Findex.php%3Fdo%3Dcdn%26id%3D160385%26lang%3Den&dt=Downloading%20file%20bitlife-life-simulator-3.15.7-mod-t-5play.apk&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=444
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-TS73N6ZFZC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://5play.org/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://5play.org
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 01 Oct 2024 15:36:45 GMT
content-type
text/plain
server
Golfe2
event
push-sdk.com/
0
524 B
Ping
General
Full URL
https://push-sdk.com/event?z=1158028
Requested by
Host: push-sdk.com
URL: https://push-sdk.com/f/sdk.js?z=1158028
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.63.248.56 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
sub5.1push.io
Software
Angie /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://5play.org/

Response headers

access-control-expose-headers
Authorization
cache-control
no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma
no-cache
accept-ch
Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
access-control-allow-credentials
true
access-control-allow-methods
GET, POST, OPTIONS
expires
Tue, 11 Jan 1994 00:00:00 GMT
access-control-allow-origin
https://5play.org
content-length
0
date
Tue, 01 Oct 2024 15:36:46 GMT
server
Angie
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| __cfQR function| $ function| jQuery string| dle_root string| dle_login_hash number| dle_group number| dle_link_type string| dle_skin string| dle_wysiwyg string| quick_wysiwyg string| dle_min_search object| dle_act_lang string| menu_short string| menu_full string| menu_profile string| menu_send string| menu_uedit string| dle_info string| dle_confirm string| dle_prompt object| dle_req_field string| dle_del_agree string| dle_spam_agree string| dle_c_title string| dle_complaint string| dle_mail string| dle_big_text string| dle_orfo_title string| dle_p_send string| dle_p_send_ok string| dle_save_ok string| dle_reply_title string| dle_tree_comm string| dle_del_news string| dle_sub_agree string| dle_unsub_agree string| dle_captcha_type object| dle_share_interesting object| DLEPlayerLang object| DLEGalleryLang number| DLELazyMode number| timeleft number| downloadTimer function| gtag object| dataLayer boolean| __cfRLUnblockHandlers object| google_tag_manager object| google_tag_data function| _init function| _open function| DLEPush object| c_cache object| dle_poll_voted object| file_uploaders function| reload function| dle_change_sort function| doPoll function| IPMenu function| ajax_save_for_edit function| ajax_prep_for_edit function| ajax_comm_edit function| ajax_cancel_comm_edit function| ajax_save_comm_edit function| DeleteComments function| MarkSpam function| doFavorites function| CheckLogin function| doCalendar function| doRate function| doCommentsRate function| ajax_cancel_reply function| DLESendPM function| ajax_fast_reply function| dle_reply function| doAddComments function| isHistoryApiAvailable function| CommentsPage function| dle_copy_quote function| dle_fastreply function| dle_ins function| ShowOrHide function| ckeck_uncheck_all function| confirmDelete function| setNewField function| dle_news_delete function| MenuNewsBuild function| sendNotice function| AddComplaint function| DLEalert function| DLEconfirm function| DLEprompt function| ShowPopupProfile 
function| onTwofactoryChange function| ShowProfile function| FastSearch function| dle_do_search function| ShowLoading function| HideLoading function| ShowAllVotes function| fast_vote function| AddIgnorePM function| DelIgnorePM function| DelSocial function| subscribe function| media_upload function| dropdownmenu function| setcookie function| get_local_storage function| set_local_storage function| del_local_storage function| save_last_viewed function| hidemenu function| delayhidemenu function| clearhidemenu function| removeEmptyElements function| find_comment_onpage function| findCommentsPage function| onYouTubeIframeAPIReady object| gaGlobal

5 Cookies

Domain/Path  Name / Value
.5play.org/  Name: language  Value: en
.5play.org/  Name: PHPSESSID  Value: rah4oduikt643nojg8qj620m0r
.5play.org/  Name: _ga  Value: GA1.1.1789654841.1727797005
.5play.org/  Name: _ga_TS73N6ZFZC  Value: GS1.1.1727797005.1.0.1727797005.0.0.0
uidsync.net/  Name: rauid  Value: KQUsPtS81vlbQ6bXBP9i0n

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://5play.org/index.php?do=cdn&id=160385&lang=en
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN