www.playonigo.com Open in urlscan Pro
34.253.101.190 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.onigoescapes.com/atlantean-chest/start
Effective URL:
https://www.playonigo.com/atlantean-chest/start
Submission: On August 17 via api (August 17th 2022, 8:53:30 am UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 34 IPs in 5 countries across 24 domains to perform 54 HTTP transactions. The main IP is 34.253.101.190, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is www.playonigo.com.
TLS certificate: Issued by R3 on June 18th 2022. Valid for: 3 months.

This is the only time www.playonigo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	34.253.101.190 34.253.101.190	16509 (AMAZON-02) (AMAZON-02)
8	13.225.78.54 13.225.78.54	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80e::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
2 4	2606:4700::68... 2606:4700::6810:7caf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:2a	20446 (STACKPATH...) (STACKPATH-CDN)
1 3	2600:9000:20e... 2600:9000:20eb:5600:14:dc98:7700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.225.84.17 13.225.84.17	16509 (AMAZON-02) (AMAZON-02)
1	172.65.208.22 172.65.208.22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
1	172.65.238.60 172.65.238.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:eecc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.192.122 172.65.192.122	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.202.201 172.65.202.201	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	13.225.78.103 13.225.78.103	16509 (AMAZON-02) (AMAZON-02)
1 3	172.65.202.85 172.65.202.85	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.193.34 172.65.193.34	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	13.224.189.26 13.224.189.26	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1	13.224.189.122 13.224.189.122	16509 (AMAZON-02) (AMAZON-02)
1	54.74.193.12 54.74.193.12	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.124 13.225.78.124	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	172.65.236.181 172.65.236.181	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	54.229.120.213 54.229.120.213	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6811:9d2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.65.240.166 172.65.240.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:f1cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
54	34

3 34.253.101.190 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-101-190.eu-west-1.compute.amazonaws.com

www.onigoescapes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.playonigo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.225.78.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-54.fra2.r.cloudfront.net

uploads-ssl.webflow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7caf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:2a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:5600:14:dc98:7700:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

www.cdn.privado.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.privado.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.84.17 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-17.fra2.r.cloudfront.net

d3e54v103j8qbb.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.208.22 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.238.60 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:eecc (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.usemessages.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.192.122 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.202.201 (United States)

ASN13335 (CLOUDFLARENET, US)

js-eu1.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-103.fra2.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.65.202.85 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

api-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.193.34 (United States)

ASN13335 (CLOUDFLARENET, US)

forms-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-26.fra2.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-122.fra2.r.cloudfront.net

vars.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.193.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-193-12.eu-west-1.compute.amazonaws.com

in.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-124.fra2.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.65.236.181 (United States)

ASN13335 (CLOUDFLARENET, US)

app-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.120.213 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-120-213.eu-west-1.compute.amazonaws.com

ws8.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6811:9d2 (United States)

ASN13335 (CLOUDFLARENET, US)

static.hsappstatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.65.240.166 (United States)

ASN13335 (CLOUDFLARENET, US)

track-eu1.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:f1cc (United States)

ASN13335 (CLOUDFLARENET, US)

avatars.hubspot.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	webflow.com uploads-ssl.webflow.com — Cisco Umbrella Rank: 13997	691 KB
7	hubspot.com 1 redirects api-eu1.hubspot.com — Cisco Umbrella Rank: 76915 forms-eu1.hubspot.com — Cisco Umbrella Rank: 44384 app-eu1.hubspot.com — Cisco Umbrella Rank: 91391 track-eu1.hubspot.com — Cisco Umbrella Rank: 35104	24 KB
5	hsappstatic.net static.hsappstatic.net — Cisco Umbrella Rank: 6886	265 KB
5	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 619 script.hotjar.com — Cisco Umbrella Rank: 853 vars.hotjar.com — Cisco Umbrella Rank: 858 in.hotjar.com — Cisco Umbrella Rank: 1567 ws8.hotjar.com — Cisco Umbrella Rank: 57930	69 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 45 region1.google-analytics.com — Cisco Umbrella Rank: 3094	20 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 868	45 KB
3	privado.ai 1 redirects www.cdn.privado.ai — Cisco Umbrella Rank: 347046 cdn.privado.ai — Cisco Umbrella Rank: 326357	48 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	175 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	172 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 615	130 KB
2	google.com www.google.com — Cisco Umbrella Rank: 9	1 KB
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 286 fonts.googleapis.com — Cisco Umbrella Rank: 54	7 KB
2	onigoescapes.com 2 redirects www.onigoescapes.com	600 B
1	hubspot.net avatars.hubspot.net — Cisco Umbrella Rank: 27063	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6076	501 B
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2186	256 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 108	444 B
1	hs-banner.com js-eu1.hs-banner.com — Cisco Umbrella Rank: 32827	16 KB
1	hscollectedforms.net js-eu1.hscollectedforms.net — Cisco Umbrella Rank: 45022	25 KB
1	usemessages.com js-eu1.usemessages.com — Cisco Umbrella Rank: 96969	21 KB
1	hs-analytics.net js-eu1.hs-analytics.net — Cisco Umbrella Rank: 33395	20 KB
1	hs-scripts.com js-eu1.hs-scripts.com — Cisco Umbrella Rank: 30638	988 B
1	cloudfront.net d3e54v103j8qbb.cloudfront.net	30 KB
1	playonigo.com www.playonigo.com	5 KB
54	24

	Domain	Requested by
8	uploads-ssl.webflow.com	www.playonigo.com uploads-ssl.webflow.com
5	static.hsappstatic.net	app-eu1.hubspot.com static.hsappstatic.net
4	unpkg.com	2 redirects www.playonigo.com
3	api-eu1.hubspot.com	1 redirects js-eu1.usemessages.com
3	www.googletagmanager.com	www.playonigo.com www.googletagmanager.com
2	app-eu1.hubspot.com	js-eu1.usemessages.com static.hsappstatic.net
2	region1.google-analytics.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.privado.ai	www.playonigo.com text
2	code.jquery.com	www.playonigo.com
2	www.google.com	www.playonigo.com
2	www.onigoescapes.com	2 redirects
1	avatars.hubspot.net
1	track-eu1.hubspot.com
1	ws8.hotjar.com	script.hotjar.com
1	www.google.de	www.playonigo.com
1	vc.hotjar.io	script.hotjar.com
1	in.hotjar.com	script.hotjar.com
1	vars.hotjar.com	static.hotjar.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	script.hotjar.com	static.hotjar.com
1	forms-eu1.hubspot.com	js-eu1.hscollectedforms.net
1	static.hotjar.com	www.googletagmanager.com
1	js-eu1.hs-banner.com	js-eu1.hs-scripts.com
1	js-eu1.hscollectedforms.net	js-eu1.hs-scripts.com
1	js-eu1.usemessages.com	js-eu1.hs-scripts.com
1	js-eu1.hs-analytics.net	js-eu1.hs-scripts.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	www.google.com
1	fonts.googleapis.com	ajax.googleapis.com
1	js-eu1.hs-scripts.com	www.playonigo.com
1	d3e54v103j8qbb.cloudfront.net	www.playonigo.com
1	www.cdn.privado.ai	1 redirects
1	ajax.googleapis.com	www.playonigo.com
1	www.playonigo.com
54	35

This site contains links to these domains. Also see Links.

Domain
privado.ai

Subject Issuer	Validity	Valid
www.playonigo.com R3	`2022-06-18` - `2022-09-16`	3 months	crt.sh
uploads-ssl.webflow.com Amazon	`2021-09-27` - `2022-10-26`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-01` - `2022-10-24`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-03` - `2023-06-02`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
cdn.privado.ai Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.hotjar.com Amazon	`2021-11-25` - `2022-12-23`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.hotjar.io Amazon	`2022-07-18` - `2023-08-16`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
hsappstatic.net Cloudflare Inc ECC CA-3	`2022-05-10` - `2023-05-10`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.playonigo.com/atlantean-chest/start
Frame ID: 2904484C2D8A10872720F3286B18A27E
Requests: 45 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html
Frame ID: E85667E71E291CD8AC56678E1C561743
Requests: 1 HTTP requests in this frame

Frame: https://app-eu1.hubspot.com/conversations-visitor/26114418/threads/utk/2b786bb6380d4429a7faf696825e99e8?uuid=9fe918787f594ab5b154933e7652cf45&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=playonigo.com&inApp53=false&messagesUtk=2b786bb6380d4429a7faf696825e99e8&url=https%3A%2F%2Fwww.playonigo.com%2Fatlantean-chest%2Fstart&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
Frame ID: 7D9E969D44F93730BDA0195B60C657B8
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Atlantean Chest - Start Your Game

Page URL History Show full URLs

http://www.onigoescapes.com/atlantean-chest/start HTTP 301
https://www.onigoescapes.com/atlantean-chest/start HTTP 301
https://www.playonigo.com/atlantean-chest/start Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

54
Requests

93 %
HTTPS

48 %
IPv6

24
Domains

35
Subdomains

34
IPs

5
Countries

1766 kB
Transfer

4377 kB
Size

17
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://privado.ai/cookie-consent
Title: Privado

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.onigoescapes.com/atlantean-chest/start HTTP 301
https://www.onigoescapes.com/atlantean-chest/start HTTP 301
https://www.playonigo.com/atlantean-chest/start Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@8.3.2/swiper-bundle.min.css

Request Chain 6

https://www.cdn.privado.ai/e88310899d304617a49b6875751317a4.js HTTP 302
https://cdn.privado.ai/geo/e88310899d304617a49b6875751317a4_Global.js

Request Chain 9

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@8.3.2/swiper-bundle.min.js

Request Chain 51

https://api-eu1.hubspot.com/userpreferences/v1/avatar/c6d7e5113d82dda417274f76826071ae/100 HTTP 307
https://avatars.hubspot.net/default-100

54 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request start Show response
www.playonigo.com/atlantean-chest/
Redirect Chain

http://www.onigoescapes.com/atlantean-chest/start
https://www.onigoescapes.com/atlantean-chest/start
https://www.playonigo.com/atlantean-chest/start

13 KB
5 KB

593ms
282ms

Document
text/html

34.253.101.190
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.playonigo.com/atlantean-chest/start

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.253.101.190 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-253-101-190.eu-west-1.compute.amazonaws.com

Software

openresty /

Resource Hash

e67871ecd9ee956b61be7d99ec87472e458444ff2d56f23c957cb380400c40c5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
content-encoding: gzip
content-length: 4707
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Wed, 17 Aug 2022 08:53:24 GMT
server: openresty
vary: x-wf-forwarded-proto, Accept-Encoding
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cluster-name: eu-west-1-prod-edge-blue
x-frame-options: SAMEORIGIN
x-served-by: cache-iad-kjyo7100066-IAD, cache-dub4331-DUB
x-timer: S1660726404.761630,VS0,VE248

Redirect headers

accept-ranges: bytes
cache-control: private
content-length: 166
content-security-policy: frame-ancestors 'self'
content-type: text/html
date: Wed, 17 Aug 2022 08:53:23 GMT
location: https://www.playonigo.com/atlantean-chest/start
server: openresty
vary: x-wf-forwarded-proto
via: 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS
x-cache-hits: 0, 0
x-cluster-name: eu-west-1-prod-edge-blue
x-frame-options: SAMEORIGIN
x-served-by: cache-iad-kiad7000138-IAD, cache-dub4334-DUB
x-timer: S1660726403.218565,VS0,VE198

GET
H2 200 onigo.webflow.38992719d.min.css
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/ 268 KB
31 KB 57ms
11ms Stylesheet
text/css 13.225.78.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.38992719d.min.css
Requested by: Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e92a2fbef45877594f44cc8617c16c7e745cfba43407b15ac6ea0b3279703fef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: b66BJo4ulGOBvgFDSkRMjUKHnPjnFyZ0
content-encoding: gzip
etag: "1adf4f97010cc422b3f53b15ec1ca11d"
age: 66303
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 31547
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
last-modified: Mon, 01 Aug 2022 11:23:12 GMT
server: AmazonS3
date: Tue, 16 Aug 2022 14:28:22 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: d60xfRYYB81okAKhmr67hr05Hkhhs3Ddf9559vCO7fSw-ba7lnkyAw==

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 13 KB
6 KB 120ms
37ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Requested by

Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 13:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 68956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5437
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Aug 2023 13:44:08 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 106 KB
41 KB 132ms
50ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-114116789-1

Requested by

Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e32380e0f21a810a765b51763ab35da7d7f266d557bf2eae190baca2f619f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41779
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Aug 2022 08:53:24 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
968 B 136ms
50ms Script
text/javascript 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0bf673925163224f78fec48c5b1f5126c4ab6605a98ed1dcdf87d82ba9c3bd91

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Wed, 17 Aug 2022 08:53:24 GMT

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@8.3.2/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@8.3.2/swiper-bundle.min.css

16 KB
5 KB

26ms
25ms

Stylesheet
text/css

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.3.2/swiper-bundle.min.css

Requested by

Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1892285
fly-request-id: 01G8X3FQPSYY4JQ35AP7WQRNMH-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"4052-dxUYZpo3DZFa3w0gfyoiCSp2jNE"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 73c12dd99e719948-FRA

Redirect headers

date: Wed, 17 Aug 2022 08:53:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GANFZ9D80N8GN90228C2DE7A-fra
server: cloudflare
age: 145
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@8.3.2/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 73c12dd96e149948-FRA
access-control-allow-origin: *

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
8 KB 63ms
18ms Stylesheet
text/css 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:54 GMT
server: nginx
etag: W/"611feaca-8c85"
vary: Accept-Encoding
x-hw: 1660726404.dop255.am5.t,1660726404.cds309.am5.hn,1660726404.cds257.am5.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323

GET
H2

200

e88310899d304617a49b6875751317a4_Global.js Show response
cdn.privado.ai/geo/
Redirect Chain

https://www.cdn.privado.ai/e88310899d304617a49b6875751317a4.js
https://cdn.privado.ai/geo/e88310899d304617a49b6875751317a4_Global.js

46 KB
46 KB

27ms
15ms

Script
binary/octet-stream

2600:9000:20eb:5600:14:dc98:7700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privado.ai/geo/e88310899d304617a49b6875751317a4_Global.js
Requested by: Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol: H2
Server: 2600:9000:20eb:5600:14:dc98:7700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b3933294fd263b1572540d5a06c988d6178804a57b8cba76225d1cac605b018

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 13 Aug 2022 13:32:33 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
last-modified: Sat, 27 Nov 2021 09:33:02 GMT
server: AmazonS3
age: 328852
etag: "bee9b0de57e513a1ff05550c8dfda210"
x-cache: Hit from cloudfront
x-amz-version-id: null
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: binary/octet-stream
content-length: 46791
x-amz-cf-id: Eg7MP1FPSzUZgUWNN19-9aFIc42rDh3wJXj7YjDlDRl-AN34l86o9w==

Redirect headers

date: Wed, 17 Aug 2022 08:53:24 GMT
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
location: https://cdn.privado.ai/geo/e88310899d304617a49b6875751317a4_Global.js
content-length: 0
x-amz-cf-id: nfa5z860F7GbljWkUEdfpQJ-MEigmayHuFgrTh-zT-v3jXGT9yTifw==

GET
H2 200 jquery-3.5.1.min.dc5e7f18c8.js Show response
d3e54v103j8qbb.cloudfront.net/js/ 87 KB
30 KB 61ms
10ms Script
application/javascript 13.225.84.17
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=6060ad3f5fb11974bc7406cb
Requested by: Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.17 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-84-17.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer: https://www.playonigo.com/
Origin: https://www.playonigo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Tue, 16 Aug 2022 21:57:51 GMT
content-encoding: br
vary: Accept-Encoding
age: 39431
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 6c9a2d99a25484f38efa27d58a726b2c.cloudfront.net (CloudFront)
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: Fq16s8JOpth6hOSh-kJQRYnbk7csbylKZnSTNFa8qPhAcgHpnX4SaQ==

GET
H2 200 webflow.e6b23a72e.js Show response
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/js/ 272 KB
64 KB 63ms
18ms Script
text/javascript 13.225.78.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/js/webflow.e6b23a72e.js
Requested by: Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 735db383c13a8dfa4f2659ab5cb2ce9cec0e0de9517e31a11d82c11bf7edc352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: k0fBElTIZaZzk3yqUlAid95lTD85ZadW
content-encoding: gzip
etag: "7cf385bbcda5eaca47cb9d1e39f953a0"
age: 66303
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 65085
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
last-modified: Mon, 01 Aug 2022 11:23:12 GMT
server: AmazonS3
date: Tue, 16 Aug 2022 14:28:22 GMT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=84600, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
x-amz-cf-id: fAVv2mWSx9BsWmidanHFdUTRpbRpPLhRhjz_zxqbOKbYFuMAj5NLWw==

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@8.3.2/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@8.3.2/swiper-bundle.min.js

140 KB
40 KB

22ms
22ms

Script
application/javascript

2606:4700::6810:7caf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.3.2/swiper-bundle.min.js

Requested by

Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start

Protocol

Server

2606:4700::6810:7caf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cc52733b73530cdb8ff7665895e0b1be88f67f1dcf738ec1ca3ec404f2723f97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1892371
fly-request-id: 01G8X3D1VQJ0GKKAK1DRXWE4TC-fra
content-encoding: br
vary: Accept-Encoding
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: cloudflare
etag: W/"22fb1-KGtkeSGy9PWRWjtO2CswTE1NohY"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 73c12dd98e5d9948-FRA

Redirect headers

date: Wed, 17 Aug 2022 08:53:24 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GANFPN0DSR849XHKBKZRKDZM-fra
server: cloudflare
age: 430
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
location: /swiper@8.3.2/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 73c12dd96e1a9948-FRA
access-control-allow-origin: *

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.12.1/ 509 KB
122 KB 62ms
18ms Script
application/javascript 2001:4de0:ac18::1:a:2a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/jquery-ui.js
Requested by: Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
content-encoding: gzip
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
etag: W/"28feccc0-7f20a"
vary: Accept-Encoding
x-hw: 1660726404.dop255.am5.t,1660726404.cds309.am5.hn,1660726404.cds222.am5.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 124434

GET
H2 200 26114418.js Show response
js-eu1.hs-scripts.com/ 2 KB
988 B 131ms
64ms Script
application/javascript 172.65.208.22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-scripts.com/26114418.js
Requested by: Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.208.22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f27fda010800b6bd3a831a218d10fe0f1a01ef24852910c79ee87b18a10e19c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Wed, 17 Aug 2022 08:53:24 GMT
server: cloudflare
x-hubspot-correlation-id: 18bd743f-da8d-4c8c-808d-5cf01bd7cd94
x-trace: 2BEBB5478F244473D41923ED1AF016A3FE14003A91000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.playonigo.com
access-control-max-age: 3600
cache-control: public, max-age=30
access-control-allow-credentials: true
cf-ray: 73c12ddb6c0c8fe3-FRA

GET
H2 200 css
fonts.googleapis.com/ 981 B
916 B 126ms
45ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=VT323:regular

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7942e2e26a4203b6ce47df56d9c220a45eb1836a4721c142b4a0b488998eb0b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 08:53:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 17 Aug 2022 08:53:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 17 Aug 2022 08:53:24 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/ 386 KB
154 KB 121ms
38ms Script
text/javascript 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mq0-U1BHZ5YTcoDC-CvsLPNc/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.playonigo.com/
Origin: https://www.playonigo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:51:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 95
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157356
x-xss-protection: 0
last-modified: Mon, 08 Aug 2022 08:12:45 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 17 Aug 2023 08:51:49 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 174 KB
63 KB 155ms
97ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TNFQLJJ

Requested by

Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

18050dc0220b64a11a8810f451c1e51781d9a17043dcc258e41a48d0e22fcfb2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 64250
x-xss-protection: 0
last-modified: Wed, 17 Aug 2022 06:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 17 Aug 2022 08:53:24 GMT

GET
H2 200 pxiKyp0ihIEF2isfFJU.woff2
fonts.gstatic.com/s/vt323/v17/ 17 KB
18 KB 122ms
36ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/vt323/v17/pxiKyp0ihIEF2isfFJU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=VT323:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc6a870a116251f87186b5a787702fc7bf6939f2126f66ca82e0a7142a6ba9f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.playonigo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 10 Aug 2022 23:43:26 GMT
x-content-type-options: nosniff
age: 551398
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17668
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 15:50:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Aug 2023 23:43:26 GMT

GET
H2 200 index.css
cdn.privado.ai/ 6 KB
2 KB 9ms
9ms Stylesheet
text/css 2600:9000:20eb:5600:14:dc98:7700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.privado.ai/index.css
Requested by: Host: text
URL: data:text/css,@import%20url%28%27https%3A//cdn.privado.ai/index.css%27%29%3B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:5600:14:dc98:7700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3c0c39b913efd4fe6cadbc34c575160c55c5ea0c77fc6746ccd2327e40b2ed9b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: W/"b37829b910c734bf3a7f83a5b98e2099"
last-modified: Fri, 11 Jun 2021 09:47:48 GMT
server: AmazonS3
age: 38613
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
date: Tue, 16 Aug 2022 22:09:52 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: rcM40F5Xia5l8qR8k_YNT34UJA1AwtFq1o89rOX-rSJAhQ7SMinZog==

GET
DATA 200
OK truncated
/ 48 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cfe0f324e5847753b4dbc0b8c7a883a46fd37f982504c1a2e5a6c86281394d0c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

Content-Type: text/css

GET
H2 200 60622ffdd2174b57ff63e365_dayso-ql-l2lVoxKI-unsplash%20(1)%201.jpg
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 53 KB
54 KB 138ms
137ms Image
image/jpeg 13.225.78.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/60622ffdd2174b57ff63e365_dayso-ql-l2lVoxKI-unsplash%20(1)%201.jpg
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.38992719d.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abe615b1cb6022c3c153172e64fb39e956601ecf47dee36ebcfee1e6ad2bd1c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.38992719d.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 17 Aug 2022 08:53:25 GMT
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
last-modified: Mon, 29 Mar 2021 19:52:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "ae349acbf209ca235eaa0cb2a3c79bdb"
x-cache: Miss from cloudfront
x-amz-version-id: fCsYY45c_3LXa1s4nCbmIyCGPnRLA7nU
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 54604
x-amz-cf-id: f3TJGObBnxlwolkxVEdNxNh5qi7bUy1vXfq2gsWhbpnYiA5-GJYx9g==

GET
H2 200 6074aefbecafbc094d54e6e6_suhash-villuri-DYWHwLZyJ64-unsplash%20(1).jpeg
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 355 KB
356 KB 466ms
465ms Image
image/jpeg 13.225.78.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/6074aefbecafbc094d54e6e6_suhash-villuri-DYWHwLZyJ64-unsplash%20(1).jpeg
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.38992719d.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 547e0054f7adc46531a2b92e4d86e5f09cdf6049e74b2aa9cb2764ae5994f540

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.38992719d.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Wed, 17 Aug 2022 08:53:25 GMT
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
last-modified: Mon, 12 Apr 2021 20:35:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "8bcb7ccdf9a6f3c505a27f67a2043043"
x-cache: Miss from cloudfront
x-amz-version-id: 9wXxzeTSr_FEwWapUQv6URMjH2ysAMME
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
accept-ranges: bytes
content-type: image/jpeg
content-length: 363103
x-amz-cf-id: Jzx7ndosGgV4jLA0ubZrLrxcfY-2dYfmswMuH6W0hTosPbn3wkfTOw==

GET
H2 200 60637ecefe6203e28a4d2c80_Gilroy-Medium.otf
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 134 KB
134 KB 28ms
11ms Font
application/x-font-otf 13.225.78.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/60637ecefe6203e28a4d2c80_Gilroy-Medium.otf
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.38992719d.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0ebe1219a8cbb054a23bea0d9b2e3bbc9f0dc1454643506df0f6c52eb9e94641

Request headers

Referer: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.38992719d.min.css
Origin: https://www.playonigo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 14:26:38 GMT
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
age: 2572007
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 136912
last-modified: Tue, 30 Mar 2021 19:41:04 GMT
server: AmazonS3
etag: "5c1e574883aeccf0f98afb84482f3839"
x-amz-version-id: EL9XPDAGsW0bmFUMx_yhhNBlP0xefIdx
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/x-font-otf
x-amz-cf-id: UU2q8456VUvqbnZ4jTosDcSogA8YYdBotU3cLo0G2lwR4Hysk4gjxg==

GET
H2 200 6060addb5c469646b7797317_Gilroy-Regular.woff2
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 24 KB
25 KB 36ms
19ms Font
application/octet-stream 13.225.78.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/6060addb5c469646b7797317_Gilroy-Regular.woff2
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.38992719d.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7bb576ebfaacf418331a906da2aadc9dc8047f10a68ab81754856aacff91bc4d

Request headers

Referer: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.38992719d.min.css
Origin: https://www.playonigo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Mon, 18 Jul 2022 14:26:38 GMT
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
age: 2572006
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 24820
last-modified: Sun, 28 Mar 2021 16:55:27 GMT
server: AmazonS3
etag: "003c969cc824b37657e356519cc085ac"
x-amz-version-id: rBiEWCORB7slf50wfmdobf4yk5IJ.037
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: a_vlNvyrsAdR5cejeFCfyVRtgl4jGTSKK7aIMsJy_cmboB5Q1gWheQ==

GET
H2 200 6060ae1a23692b0ba07b9d35_Gilroy-SemiBold.woff2
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 25 KB
26 KB 38ms
21ms Font
application/octet-stream 13.225.78.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/6060ae1a23692b0ba07b9d35_Gilroy-SemiBold.woff2
Requested by: Host: uploads-ssl.webflow.com
URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.38992719d.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 43806e67ec1242859d5779da20ad79339410917188fd2926c293f9c556f0d2be

Request headers

Referer: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/css/onigo.webflow.38992719d.min.css
Origin: https://www.playonigo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Sat, 06 Aug 2022 06:30:36 GMT
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
age: 958969
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 25820
last-modified: Sun, 28 Mar 2021 16:26:04 GMT
server: AmazonS3
etag: "334d60181a177b9e399106103f353d1d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
x-amz-version-id: 1Dxs7_1SrM_ondDiZfRAcvWitgazg3FY
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: application/octet-stream
x-amz-cf-id: tOVFc19tHvEuwRWAIeSv8P35u__mJnfn8dx4rcxejaV5-CYKNe5Z2g==

GET
H2 200 6060b12707f5361365cd6719_Logo.svg
uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/ 2 KB
1 KB 12ms
11ms Image
image/svg+xml 13.225.78.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://uploads-ssl.webflow.com/6060ad3f5fb11974bc7406cb/6060b12707f5361365cd6719_Logo.svg
Requested by: Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-54.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 32164f449bfc5c44ba943d78680d9d2a145be4b93302487dafa58671baa0b9f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 02:27:48 GMT
content-encoding: gzip
age: 5466337
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
via: 1.1 32e3b86ae254a231182567c0124af892.cloudfront.net (CloudFront)
last-modified: Sun, 28 Mar 2021 16:39:04 GMT
server: AmazonS3
etag: W/"1979dd4d7e0840e50adac8a9555451e9"
vary: Accept-Encoding
x-amz-version-id: 9Z7JFkZtHYGAHnH8RHU6V4muXyh0vmGW
access-control-allow-origin: *
cache-control: max-age=31536000, must-revalidate
x-amz-cf-pop: FRA2-C2
content-type: image/svg+xml
x-amz-cf-id: yJZpugU2COT-Bgma6K-X9lxJOPfFw6jdlIY-q9Hdn_OaJCDs657M3w==

GET
H2 200 26114418.js Show response
js-eu1.hs-analytics.net/analytics/1660726200000/ 62 KB
20 KB 118ms
51ms Script
text/javascript 172.65.238.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-analytics.net/analytics/1660726200000/26114418.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26114418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.238.60 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d93b4878bc05a170e77601cd0ed4b7befa9f3972f94281968d1b6380aba1ef22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: EG1TWDQ5BHVM6VE7
x-amz-server-side-encryption: AES256
x-amz-id-2: cb001aMbjaSXnUybgHKikKlzGYJJATyz12AUXi3k6nnbrWmVosB52iU/LFZ8aGSMLBptstx/m68=
last-modified: Mon, 01 Aug 2022 11:18:48 GMT
server: cloudflare
etag: W/"51cd06645c5bf4cac671dc2471f31056"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-ray: 73c12ddc3be991f9-FRA
expires: Wed, 17 Aug 2022 08:58:24 GMT

GET
H2 200 conversations-embed.js Show response
js-eu1.usemessages.com/ 73 KB
21 KB 68ms
22ms Script
application/javascript 2606:4700::6811:eecc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.usemessages.com/conversations-embed.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26114418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:eecc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c09332326d7e70e0623cd6bd5b3b5bf25ed4f55f92f7b90291ebe4cc9ce9130d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
cf-cache-status: HIT
age: 551
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-embed/static-1.10527/bundles/project.js&cfRay=73c1206a1fcb920e-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-conversations-embed-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Wed, 10 Aug 2022 02:50:06 UTC
server: cloudflare
etag: W/"a2bf181c4425a795ee88f3f230bb1967"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: c5qrTiV6vDUhLMyUOB33g.CfXJNifE8r
cache-control: max-age=600
x-hs-cache-status: HIT
x-amz-cf-pop: FRA6-C1
cf-ray: 73c12ddc1ac891d5-FRA
x-amz-cf-id: tJHLazAUCuR31dkGArvm0Pyt3aupgPX0ofOgbfMDjy86WWhKJ4-TyA==
x-hs-target-asset: conversations-embed/static-1.10527/bundles/project.js

GET
H2 200 collectedforms.js Show response
js-eu1.hscollectedforms.net/ 72 KB
25 KB 103ms
35ms Script
application/javascript 172.65.192.122
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hscollectedforms.net/collectedforms.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26114418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.192.122 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088

Request headers

Referer: https://www.playonigo.com/
Origin: https://www.playonigo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
via: 1.1 df86e917220bc08caa68b0eb8ddabe90.cloudfront.net (CloudFront)
cf-cache-status: MISS
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.285/bundles/project.js&cfRay=73c12ddc3e689079-FRA
x-cache: Hit from cloudfront
cache-tag: staticjsapp-collected-forms-embed-js-web-prod,staticjsapp-prod
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
last-modified: Mon, 18 Jul 2022 02:17:32 UTC
server: cloudflare
etag: W/"877e5f54a66a69786dec54038d0864c4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: gdKWpz_yvObw8s97wY_QgOhrdmJzIElp
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: HIT
cf-ray: 73c12ddc3e689079-FRA
x-amz-cf-id: oQ6HIp8e2PPcqjfOd9v6AfPN_7HIG02vxsB3rZdaEnBJDXBe6ZODFg==
x-hs-target-asset: collected-forms-embed-js/static-1.285/bundles/project.js

GET
H2 200 26114418.js Show response
js-eu1.hs-banner.com/ 60 KB
16 KB 159ms
98ms Script
text/javascript 172.65.202.201
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-eu1.hs-banner.com/26114418.js
Requested by: Host: js-eu1.hs-scripts.com
URL: https://js-eu1.hs-scripts.com/26114418.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.65.202.201 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4859c18384311788aceaee706ad1bf94c3310fbe33b1a16eb27926a877e7ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: EG1THN02PFB8KK49
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: 3iRqSwkHU4tUMmXi48Sz1vmY25Wc4ynjjksRYJpPW75fDifzI8ahmHnVkxiMHJfgWVKWSZtxjXw=
timing-allow-origin: *
last-modified: Mon, 01 Aug 2022 11:18:49 GMT
server: cloudflare
etag: W/"9312a25c476d26787f08fe1bc673d1b5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: xkASkTYtLScT9FhAtW8e04GyCt.LUkAo
access-control-allow-origin: https://www.playonigo.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 73c12ddc3975bbd9-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 17 Aug 2022 08:58:24 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 98ms
29ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-114116789-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6684
date: Wed, 17 Aug 2022 07:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 17 Aug 2022 09:02:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 200 KB
71 KB 56ms
55ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-XMH7E2YSYQ&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNFQLJJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5cd9e6bde1952c22e84f637d2a034a3fc787ce3eb1e97cfbaa6076ddfa8e0786

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72902
x-xss-protection: 0
expires: Wed, 17 Aug 2022 08:53:24 GMT

GET
H2 200 hotjar-3057671.js Show response
static.hotjar.com/c/ 5 KB
3 KB 66ms
38ms Script
application/javascript 13.225.78.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3057671.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TNFQLJJ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.103 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-103.fra2.r.cloudfront.net

Software

Resource Hash

b301917122de2fb53347e915ba8a279da0287b02f63846f26af5310fedaa5618

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache-hit: 1
date: Wed, 17 Aug 2022 08:53:24 GMT
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
via: 1.1 e1e056e45a0f8d6bc22b223900511170.cloudfront.net (CloudFront)
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-amz-cf-id: NcRXUCGC1z8W19NJ_8ppTaukDsLfg7-LMKIV4IcXO_KgHvoClMoCcg==
etag: W/27a4561e6d66fa0252c29a6a1194163d

GET
H2 200 public Show response
api-eu1.hubspot.com/livechat-public/v1/message/ 3 KB
2 KB 431ms
130ms XHR
application/json 172.65.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-eu1.hubspot.com/livechat-public/v1/message/public?portalId=26114418&conversations-embed=static-1.10527&mobile=false&messagesUtk=2b786bb6380d4429a7faf696825e99e8&traceId=2b786bb6380d4429a7faf696825e99e8

Requested by

Host: js-eu1.usemessages.com
URL: https://js-eu1.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ea4abb203448ea355f37ae01b8e8bf5f7bc5e4be40d54bdd585421e50b106be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Referer: https://www.playonigo.com/
accept-language: de-DE,de;q=0.9
X-HubSpot-Messages-Uri: https://www.playonigo.com/atlantean-chest/start

Response headers

date: Wed, 17 Aug 2022 08:53:25 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 872fec33-162f-4254-8bd5-5be5d6bf896b
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1476
server: cloudflare
x-trace: 2BE35ABA40BA41719CDB089F1673B176A7B42373DA000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hCpOvi5Dp9PsqbnguQ5nGYCear1d6KttkqqZE4Od800fn3T2%2FAxX6X4O%2FdTkLcbU%2BajcSEHElI%2F9iojnUOLvzBNhlRGsB2DbCFrmVDqv53jWlbxGnhsntG8P7O8xJ0CvvIRJQsQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.playonigo.com
cache-control: no-cache, no-store, no-transform, must-revalidate, max-age=0
access-control-allow-credentials: false
cf-ray: 73c12ddeedba91cf-FRA
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri

OPTIONS
H2 200 public
api-eu1.hubspot.com/livechat-public/v1/message/ Frame 0
0 97ms
36ms Preflight
text/plain 172.65.202.85
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.202.85 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: x-hubspot-messages-uri
Access-Control-Request-Method: GET
Origin: https://www.playonigo.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

access-control-allow-credentials: false
access-control-allow-headers: Accept, Accept-Charset, Accept-Encoding, Accept-Language, Content-Type, Host, Origin, Referer, User-Agent, X-HubSpot-Messages-Uri
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
access-control-allow-origin: https://www.playonigo.com
allow: HEAD,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 73c12ddccb3591cf-FRA
content-length: 18
content-type: text/plain; charset=utf-8
date: Wed, 17 Aug 2022 08:53:24 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tbEaHprsVAoWTcLKj1L0d9%2BIkaF30sNYko%2BLUEzYWrERbKtcH0OD8A3BRMVKu6h2fbSDKYn08HtoV9ZQ%2FnqCLs5d%2BoM0l5j7ldR4U09OdyKV0Ij%2BPb8P7mH8%2F6RcExEyQV6AsKk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-hubspot-correlation-id: c5dbc2ac-8069-42fc-b909-b641feb5ace3
x-trace: 2B2A450C4318C5C48ECB804A8562B90C3C19CE2498000000000000000000

GET
H2 200 json Show response
forms-eu1.hubspot.com/collected-forms/v1/config/ 116 B
1 KB 124ms
60ms XHR
application/json 172.65.193.34
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms-eu1.hubspot.com/collected-forms/v1/config/json?portalId=26114418&utk=

Requested by

Host: js-eu1.hscollectedforms.net
URL: https://js-eu1.hscollectedforms.net/collectedforms.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.193.34 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2d7ef2a83a21210a308c23f637c9a22befcd976533e4426a4786d7cbcf8cb04b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.playonigo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:24 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 9707ce50-eac2-4d0c-ac4a-982501234106
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a6EIpc0mX3PXFdnRKP2CDDDRNnZ%2BUvuzy9i4zK%2FGb2wdouJ%2F48E8JaG5SM460CuInv8KKVEF4sxzoA3EDWExhIR1MLmMWE%2BrkTDrjyuufn%2FC%2BzgmQm4GoVfxCnIQmO6%2FdzoqXEFplw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.playonigo.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 73c12ddd2eb59031-FRA
access-control-allow-headers: *

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 99ms
38ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1009176977&t=pageview&_s=1&dl=https%3A%2F%2Fwww.playonigo.com%2Fatlantean-chest%2Fstart&ul=en-us&de=UTF-8&dt=Atlantean%20Chest%20-%20Start%20Your%20Game&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2084769158&gjid=1597193534&cid=2031941711.1660726405&tid=UA-114116789-1&_gid=232377892.1660726405&_r=1&gtm=2ou8f0&z=330251283

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.playonigo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 08:53:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.playonigo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
349 B 105ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XMH7E2YSYQ&gtm=2oe8f0&_p=1009176977&cid=2031941711.1660726405&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1660726404&sct=1&seg=0&dl=https%3A%2F%2Fwww.playonigo.com%2Fatlantean-chest%2Fstart&dt=Atlantean%20Chest%20-%20Start%20Your%20Game&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XMH7E2YSYQ&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 08:53:24 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.playonigo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 modules.8b83be320cd47888a36c.js Show response
script.hotjar.com/ 249 KB
64 KB 36ms
8ms Script
application/javascript 13.224.189.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.8b83be320cd47888a36c.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3057671.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-26.fra2.r.cloudfront.net

Software

Resource Hash

3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 10:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 424758
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains
content-length: 65169
access-control-allow-origin: *
last-modified: Fri, 12 Aug 2022 10:53:25 GMT
etag: "aa31991b0402338880bb68565eec8d76"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 6nQtqMw0wtLfj9rmevq9UzEZKZmh7DrGKXEUHIfjhVHkwK3h0pvIkw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-114116789-1&cid=2031941711.1660726405&jid=2084769158&gjid=1597193534&_gid=232377892.1660726405&_u=YEBAAUAAAAAAAC~&z=1155125711

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.playonigo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 17 Aug 2022 08:53:24 GMT
content-type: text/plain
access-control-allow-origin: https://www.playonigo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 box-1ada912494ba7fc7aca15fcef1c2a7ae.html Show response
vars.hotjar.com/ Frame E856 2 KB
1 KB 35ms
8ms Document
text/html 13.224.189.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://vars.hotjar.com/box-1ada912494ba7fc7aca15fcef1c2a7ae.html

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3057671.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.189.122 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-122.fra2.r.cloudfront.net

Software

Resource Hash

90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://www.playonigo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3025218
cache-control: max-age=31536000
content-encoding: br
content-length: 1044
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 13 Jul 2022 08:33:06 GMT
etag: "0b3d3f4206ab84d8861a8cc4b2ddbe66"
last-modified: Wed, 13 Jul 2022 08:32:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Accept-Encoding
via: 1.1 37c215a6cf8b04439db2f97a633421e6.cloudfront.net (CloudFront)
x-amz-cf-id: lQl4mvmmRxIuAvDr6qc_omaKOIJStklyIQTd6CyjdRVsA5Xc_19R_g==
x-amz-cf-pop: FRA2-C1
x-cache: Hit from cloudfront
x-robots-tag: none

POST
H2 200 visit-data Show response
in.hotjar.com/api/v2/client/sites/3057671/ 148 B
322 B 376ms
33ms XHR
application/json 54.74.193.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://in.hotjar.com/api/v2/client/sites/3057671/visit-data?sv=7
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8b83be320cd47888a36c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.74.193.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-74-193-12.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 47f866be06afeedbb11f7dafe75b1ddb58fd9e1f7219b95de1af57454d63230c

Request headers

Referer: https://www.playonigo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 17 Aug 2022 08:53:25 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 204 3057671 Show response
vc.hotjar.io/sessions/ 0
256 B 373ms
36ms XHR
text/plain 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/3057671?s=0.25&r=0.10784257039394007
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8b83be320cd47888a36c.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: Python/3.7 aiohttp/3.5.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:25 GMT
via: 1.1 03d509e8374e9f42668961b5e0201348.cloudfront.net (CloudFront)
server: Python/3.7 aiohttp/3.5.4
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: ZMhyjWRmGo1MFveq-bT0jR1uNtoLuIbuOLrKWp9WBHqhORqagpg9IA==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
296 B 364ms
63ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-114116789-1&cid=2031941711.1660726405&jid=2084769158&_u=YEBAAUAAAAAAAC~&z=1417891742

Requested by

Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 08:53:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 387ms
60ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-114116789-1&cid=2031941711.1660726405&jid=2084769158&_u=YEBAAUAAAAAAAC~&z=1417891742

Requested by

Host: www.playonigo.com
URL: https://www.playonigo.com/atlantean-chest/start

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 08:53:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2b786bb6380d4429a7faf696825e99e8 Show response
app-eu1.hubspot.com/conversations-visitor/26114418/threads/utk/ Frame 7D9E 48 KB
18 KB 129ms
61ms Document
text/html 172.65.236.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-eu1.hubspot.com/conversations-visitor/26114418/threads/utk/2b786bb6380d4429a7faf696825e99e8?uuid=9fe918787f594ab5b154933e7652cf45&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=playonigo.com&inApp53=false&messagesUtk=2b786bb6380d4429a7faf696825e99e8&url=https%3A%2F%2Fwww.playonigo.com%2Fatlantean-chest%2Fstart&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Requested by

Host: js-eu1.usemessages.com
URL: https://js-eu1.usemessages.com/conversations-embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d906b076618715d98464058604953e5c8e79d3f62b754fc3157dab9cd7d1fbb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.playonigo.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
age: 622
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=600
cache-tag: staticjsapp-conversations-visitor-ui-web-prod,staticjsapp-prod
cf-cache-status: DYNAMIC
cf-ray: 73c12de06ca35b3e-FRA
content-encoding: br
content-security-policy-report-only: script-src 'self' www.hubspot.com *.hsappstatic.net *.hs-analytics.net *.hs-banner.com *.hsforms.net *.hsleadflows.net *.hs-scripts.com *.hubspotfeedback.com *.usemessages.com js.hubspot.com *.hsadspixel.net *.hscollectedforms.net js-agent.newrelic.com bam.nr-data.net bam-cell.nr-data.net *.google-analytics.com www.googletagmanager.com data: 'unsafe-inline' 'unsafe-eval' blob: connect.facebook.net www.gstatic.cn www.gstatic.com www.google.com *.fullstory.com fullstory.com apis.google.com snap.licdn.com; report-uri https://exceptions.hubspot.com/csp/report?resource=conversations-visitor-ui/static-1.13005/html/index.html&cfRay=73c12de06ca35b3e&reqUrl=https%3A%2F%2Fapp-eu1.hubspot.com%2Fconversations-visitor%2F26114418%2Fthreads%2Futk%2F2b786bb6380d4429a7faf696825e99e8%3Fuuid%3D9fe918787f594ab5b154933e7652cf45%26mobile%3Dfalse%26mobileSafari%3Dfalse%26hideWelcomeMessage%3Dfalse%26hstc%3Dnull%26domain%3Dplayonigo.com%26inApp53%3Dfalse%26messagesUtk%3D2b786bb6380d4429a7faf696825e99e8%26url%3Dhttps%253A%252F%252Fwww.playonigo.com%252Fatlantean-chest%252Fstart%26inline%3Dfalse%26isFullscreen%3Dfalse%26globalCookieOptOut%3Dnull%26isFirstVisitorSession%3Dtrue%26isAttachmentDisabled%3Dfalse%26enableWidgetCookieBanner%3Dfalse%26isInCMS%3Dfalse&referrer=https%3A%2F%2Fwww.playonigo.com%2F&cfenv=prod&pdt=2022-08-17&csp=ro
content-type: text/html; charset=utf-8
date: Wed, 17 Aug 2022 08:53:25 GMT
etag: W/"fde59e7b2e771879e2aed913e11fbc67"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Wed, 10 Aug 2022 02:50:06 UTC
report-to: {"group":"default","max_age":86400,"endpoints":[{"url":"https://exceptions.hubspot.com/csp/reports?cfRay=73c12de06ca35b3e&resource=conversations-visitor-ui/static-1.13005/html/index.html"}]}
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-id: XL2hl6a7xTWCCL7xmRpL9v0vmZG5YyRYOaq4N1TrxGqB71Tpwbh40g==
x-amz-cf-pop: FRA6-C1
x-amz-replication-status: COMPLETED
x-amz-server-side-encryption: AES256
x-amz-version-id: sgBF7k_rY522gHHx8SLvJH_qiR4Rd1Ah
x-cache: Hit from cloudfront
x-hs-cache-status: MISS
x-hs-target-asset: conversations-visitor-ui/static-1.13005/html/index.html
x-hs-worker-debug-mode: false

POST
H2 200 content Show response
ws8.hotjar.com/api/v2/sites/3057671/recordings/ 66 B
261 B 185ms
67ms XHR
application/json 54.229.120.213
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ws8.hotjar.com/api/v2/sites/3057671/recordings/content
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.8b83be320cd47888a36c.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.120.213 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-120-213.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 374a3b5016fa3fcecbb7162f8c690c66e5ff4f64ff614aca2ac5d4900a7e36ce

Request headers

Referer: https://www.playonigo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Wed, 17 Aug 2022 08:53:25 GMT
content-encoding: br
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store
access-control-allow-credentials: true

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/head-dlb/static-1.223/ Frame 7D9E 44 KB
16 KB 35ms
16ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/head-dlb/static-1.223/bundle.production.js

Requested by

Host: app-eu1.hubspot.com
URL: https://app-eu1.hubspot.com/conversations-visitor/26114418/threads/utk/2b786bb6380d4429a7faf696825e99e8?uuid=9fe918787f594ab5b154933e7652cf45&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=playonigo.com&inApp53=false&messagesUtk=2b786bb6380d4429a7faf696825e99e8&url=https%3A%2F%2Fwww.playonigo.com%2Fatlantean-chest%2Fstart&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2778903aad7fbc80e080d755b907ba9b836cea44751989d3923a28b48f8d102e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/
Origin: https://app-eu1.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:25 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1097467
x-amz-server-side-encryption: AES256
cf-ray: 73c12de0fb4c68fb-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 04 Aug 2022 15:24:29 GMT
server: cloudflare
etag: W/"2407a7964ffbf44b40b5b506b96368df"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q5eu71M3CjCYjqJlPCKPtrJSJ9nTjEwJJ%2Fm2JMOFBXSgRpfXwng87sa6RemPIi39qBydQ3sKP7EHQOXlA82vTAcc8JDvsrAiQ3sv8LArv7zTcD2XKvn8XLwrpiCQDYUaFMldQ0VbYsOuVPIb4PfUaj3c5qc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: irhayGiqpCyrRQiCATc2s.GJ3NHllsom
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: DGpblpifZ_0FqsicyKNCM02kfndTki42daE3GjUkaqrN0eHS3V3Mjw==
expires: Thu, 17 Aug 2023 08:53:25 GMT

GET
H2 200 visitor.css
static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/ Frame 7D9E 20 KB
5 KB 64ms
33ms Stylesheet
text/css 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.11843/sass/visitor.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-eu1.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:25 GMT
via: 1.1 29a3bbd8332d2baa21b0652a77f11198.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 104100
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
content-type: text/css
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 15 Nov 2021 19:50:41 GMT
server: cloudflare
etag: W/"370a89ea102d7b437eb549729472631f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hYJsnAu6170GoSYAMP6CK%2F91DIBxnNVKbKYa4Fa7U9OXm3Vfs6BnlanNok8VJ5Ub81xllgJToeWT9sGWFczayo28Kx3dYQ%2FQrvfoPml1smUIJDDhwdZXTiDhAhcnqrkROBSxcqpymUBKQpeix6QE1t59E30%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: LgyvJN0nZOCplqIYlCYJJ1cibXdW_3K_
cache-control: public, max-age=31536000
x-amz-cf-pop: TXL50-P4
cf-ray: 73c12de1094e91f9-FRA
x-amz-cf-id: 7AYeUxQTIFCCkt57hqQElhi5UtUSAZYymewuhJeISP4_kTKWsNJafA==
expires: Thu, 17 Aug 2023 08:53:25 GMT

GET
H2 200 bundle.production.js Show response
static.hsappstatic.net/hubspot-dlb/static-1.312/ Frame 7D9E 295 KB
94 KB 36ms
18ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/hubspot-dlb/static-1.312/bundle.production.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

338be55e09986b74b0abf67ba0d09e117698bc411529b3da8f0783a349461bdf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/
Origin: https://app-eu1.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:25 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 661436
x-amz-server-side-encryption: AES256
cf-ray: 73c12de0fb5068fb-FRA
x-cache: Miss from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 05 Aug 2022 01:31:38 GMT
server: cloudflare
etag: W/"24368d9bf0991b15f75e817302381e9e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z8tQ27%2BfpxRWXjmw7R3dDXwOV2uD4jc3MSHiKliTdnUBDj5zE2OTIjMykhKONRIHxO%2BlwXntDeJq8gHMLwnW45ClzD%2FUzlkRkaGsq8WFvj2DVsL7moWFmV3ztnK2%2FmaZAYx7V44Dmcj%2FWYe7zJrTN0SaVtc%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: tGv9d32FqDJZMi1TXjkihXz8ATz_W19h
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: mdYGXFiyuiKgYxcPKXH6qtIE6RwirZSXutK5v8x1yloK2cTt51wXSQ==
expires: Thu, 17 Aug 2023 08:53:25 GMT

GET
H2 200 visitor.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.13005/bundles/ Frame 7D9E 508 KB
148 KB 37ms
18ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.13005/bundles/visitor.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b77c3bd2c894db137a8f336c17ac29f1594ec5af0992955b992f9c4cf8cca745

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/
Origin: https://app-eu1.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:25 GMT
via: 1.1 3f3b012fad703fdac0f14efdb7b78b6e.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 583387
x-amz-server-side-encryption: AES256
cf-ray: 73c12de0fb4f68fb-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 10 Aug 2022 12:47:24 GMT
server: cloudflare
etag: W/"f256542a6af6ceeed437331f5ab75882"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dUWk%2BLcHly0dyWoDdFC3J17BNpNN1G%2F99nK2H4Fwyly8S9KjLnvEEAfVuVM6GcePN5rcypLoDQh7SIEX7yoVOci%2BqdPL5Hc3mBCuDaHQnLXWbVawgqRCryn7KNpVtru4xiNleCt%2FFEXzuGw4R3EW6UK%2Fef0%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: 4ZVN9WwqwrSShn_QR6h0LOyR_8.npKP.
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: 5SKCrx_PuFy7dBZVNtcWwXOmP5x_VlkqWyVwqIzS5OZX8s1i2bbZ2A==
expires: Thu, 17 Aug 2023 08:53:25 GMT

GET
H3 200 i18n-data-data-locales-en-us.js Show response
static.hsappstatic.net/conversations-visitor-ui/static-1.12866/ Frame 7D9E 776 B
1 KB 37ms
27ms Script
application/javascript 2606:4700::6811:9d2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hsappstatic.net/conversations-visitor-ui/static-1.12866/i18n-data-data-locales-en-us.js

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13005/bundles/visitor.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:9d2 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c7803606f0214378a7296f304b85a18d0cb047ecd2c3e9c066b95eac1b354df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/
Origin: https://app-eu1.hubspot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:25 GMT
via: 1.1 93b8205e2f07a7099af2e6fd126d9658.cloudfront.net (CloudFront)
vary: Origin,Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2211844
x-amz-server-side-encryption: AES256
cf-ray: 73c12de2091e9b40-FRA
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-methods: GET
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 20 Jul 2022 18:05:07 GMT
server: cloudflare
etag: W/"d105d9d314ee327813395907aaaebd14"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4PzBRdoE0veMzLg1oDC6kpG3LjWiNWVWAlryveJCu5A9L%2BlmcPzSW5LYEkY83W7%2B8HwRY6T8HkkaWkaYm4aBYahLKR93PnOhGfOeVCDHkREF%2BLxwtu34%2BvqpjlgghMim9j%2FdzT9RPXQotjHBPVz8mFq8z78%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: JEgcIEae4RCP8X2OpQHVNr_uxJQ.waGT
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-amz-cf-pop: FRA56-P2
content-type: application/javascript
x-amz-cf-id: hxf0w4O6PaiOvbrqoh3HjYfPZkVQ-n_MfcooPy2W5X2yy2Tewp_PwA==
expires: Thu, 17 Aug 2023 08:53:25 GMT

GET
H2 200 __ptq.gif
track-eu1.hubspot.com/ 45 B
787 B 112ms
41ms Image
image/gif 172.65.240.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track-eu1.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=1091019263&v=1.1&a=26114418&pu=https%3A%2F%2Fwww.playonigo.com%2Fatlantean-chest%2Fstart&t=Atlantean+Chest+-+Start+Your+Game&cts=1660726405501&vi=53937feab6ca4e4c9c2a523fbe2d6268&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.240.166 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:25 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 212a50f8-a3ca-4002-b816-7466c8b6e6b0
cf-ray: 73c12de2dc7d5c62-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
last-modified: Wed, 17 Aug 2022 08:53:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h3sX9O1v5EcQcUY9eYlHK4B%2FWyJHgCVGNeiYvfEc6yLXBNCqMJ3VGU59jlBWldLSMG2qfqyTgYlTIXhGivP0z70uE1qbSHghNmUl01sBQU0dul29rVwnhJWNIN%2BkKjLYgmtscWqJ9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
accept-ranges: bytes
x-robots-tag: none

GET
H2

200

default-100
avatars.hubspot.net/ Frame 7D9E
Redirect Chain

https://api-eu1.hubspot.com/userpreferences/v1/avatar/c6d7e5113d82dda417274f76826071ae/100
https://avatars.hubspot.net/default-100

448 B
1 KB

46ms
15ms

Image
image/webp

2606:4700::6811:f1cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://avatars.hubspot.net/default-100
Protocol: H2
Server: 2606:4700::6811:f1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d7f8b6ed4f77b684b2615feaad46ae05bd069c8beaeb550e6094ccb2eb6cb0d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://app-eu1.hubspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

date: Wed, 17 Aug 2022 08:53:26 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 58481
x-amz-server-side-encryption: AES256
cf-ray: 73c12de58e5892a8-FRA
content-length: 448
x-amz-id-2: foQwpiZWGfP3bxgHZZdiHqpgxWMYOlVvm5Iinz0plZdWwTLdvz9dWqRUOoF2rp1SJceQbr9/AzQ=
last-modified: Fri, 18 Sep 2020 15:59:13 GMT
server: cloudflare
x-amz-meta-s3cmd-attrs: uid:1997735891/gname:staff/uname:jmendelewski/gid:20/mode:33188/mtime:1484768632/atime:1484768827/md5:dd769facdb720bc65224b1db30749aeb/ctime:1484768635
etag: "dd769facdb720bc65224b1db30749aeb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YHuTdIggUleGQcUCSRV4y%2BCArT20KVeD5yAcSjOSD1RlWyGvXvQbYc013EIS7CC%2BZIqQbvCjIT%2Br6CH67iwfdUlnzlM41mP9P9vTO58oJpzYunV%2FVrsI1Al2b8itcVVQo9uDKIe0mvfngCb6bLdkgrk%3D"}],"group":"cf-nel","max_age":604800}
x-amz-request-id: CTE3YKF1ASK98MR8
cf-polished: origFmt=png, origSize=798
accept-ranges: bytes
content-type: image/webp
cf-bgj: imgq:85,h2pri

Redirect headers

date: Wed, 17 Aug 2022 08:53:25 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-hubspot-correlation-id: 25936473-26be-417c-9a17-b60626456b4f
x-trace: 2BD1F00D8A583129DD2A084BE9A4FB92C85F0CA7C1000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=St91CGeTylSrGeBUaC2jGMSTjRhgXQNG084vH%2FODmPSNn459k%2BROW2lzAQx5puF%2FPSU1yA4Y3eN3U8mGFMp7pkrttXdjXW2Y17d8sYyxeDTGgMLRHbb0Mob2TZpliz7jCOxsM2E%3D"}],"group":"cf-nel","max_age":604800}
location: https://avatars.hubspot.net/default-100
access-control-allow-credentials: false
cf-ray: 73c12de4fcc2694b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 204 rhumb
app-eu1.hubspot.com/api/cartographer/v1/ Frame 7D9E 0
1 KB 389ms
88ms Ping
text/plain 172.65.236.181
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app-eu1.hubspot.com/api/cartographer/v1/rhumb?hs_static_app=conversations-visitor-ui&hs_static_app_version=1.13005

Requested by

Host: static.hsappstatic.net
URL: https://static.hsappstatic.net/conversations-visitor-ui/static-1.13005/bundles/visitor.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.65.236.181 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://app-eu1.hubspot.com/conversations-visitor/26114418/threads/utk/2b786bb6380d4429a7faf696825e99e8?uuid=9fe918787f594ab5b154933e7652cf45&mobile=false&mobileSafari=false&hideWelcomeMessage=false&hstc=null&domain=playonigo.com&inApp53=false&messagesUtk=2b786bb6380d4429a7faf696825e99e8&url=https%3A%2F%2Fwww.playonigo.com%2Fatlantean-chest%2Fstart&inline=false&isFullscreen=false&globalCookieOptOut=null&isFirstVisitorSession=true&isAttachmentDisabled=false&enableWidgetCookieBanner=false&isInCMS=false
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 17 Aug 2022 08:53:25 GMT
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 12ef906a-6cf8-48e5-a242-d9a0c52a33e0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
timing-allow-origin: *
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 604800
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ePmZUTjEg4vHwgtUrT4ViTNm8mnH0Ng3Ld1UOuEX7jEJNrhoiT5B1RQElxdE2kVMa%2FvBFVv0diTyVIib6QYwy7jHxKCIK19PNt%2B3MBmPn2ZaBHMMxUrznMVjsjHr8m5IPEv7DWw%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://app-eu1.hubspot.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing, X-Hubspot-Correct-Hublet
access-control-allow-credentials: true
cf-ray: 73c12de4c8905b3e-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 104ms
39ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-XMH7E2YSYQ&gtm=2oe8f0&_p=1009176977&cid=2031941711.1660726405&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=2&sid=1660726404&sct=1&seg=0&dl=https%3A%2F%2Fwww.playonigo.com%2Fatlantean-chest%2Fstart&dt=Atlantean%20Chest%20-%20Start%20Your%20Game&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XMH7E2YSYQ&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.playonigo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.101 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 17 Aug 2022 08:53:29 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.playonigo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.playonigo.com/	1970-01-20 07:28:22	Name: _gcl_au Value: 1.1.568477619.1660726405
.playonigo.com/	1970-01-20 05:20:12	Name: _gid Value: GA1.2.232377892.1660726405
.playonigo.com/	1970-01-20 05:18:46	Name: _gat_gtag_UA_114116789_1 Value: 1
.playonigo.com/	1970-01-20 14:54:46	Name: _ga_XMH7E2YSYQ Value: GS1.1.1660726404.1.0.1660726404.0.0.0
.playonigo.com/	1970-01-20 14:54:46	Name: _ga Value: GA1.1.2031941711.1660726405
.playonigo.com/	1970-01-20 14:04:22	Name: _hjSessionUser_3057671 Value: eyJpZCI6IjJmYzRhMTkwLTY5NzItNTM1YS1hNTViLWE4Mzk3MzQ3Y2M1NSIsImNyZWF0ZWQiOjE2NjA3MjY0MDQ3MDksImV4aXN0aW5nIjpmYWxzZX0=
.playonigo.com/	1970-01-20 05:18:48	Name: _hjFirstSeen Value: 1
www.playonigo.com/	1970-01-20 05:18:46	Name: _hjIncludedInSessionSample Value: 1
.playonigo.com/	1970-01-20 05:18:48	Name: _hjSession_3057671 Value: eyJpZCI6IjE4MzBiMmM5LTZjNDYtNDZkMC04MWRhLTUwZTg0NTQwMTRlZCIsImNyZWF0ZWQiOjE2NjA3MjY0MDQ3NzcsImluU2FtcGxlIjp0cnVlfQ==
www.playonigo.com/	1970-01-20 05:18:46	Name: _hjIncludedInPageviewSample Value: 1
.playonigo.com/	1970-01-20 05:18:48	Name: _hjAbsoluteSessionInProgress Value: 1
.hubspot.com/	1970-01-20 05:18:48	Name: __cf_bm Value: bLFhhxsSFVdLLoF.Si2NTGxmSseye2QevGlGw40a02Q-1660726405-0-Aeyvldc/PAu6sh+6C2cE/LA7KZ8XiMsN+WMX/Qcz/FkjbYKVkfuhVs9wlcekUbfWW0zXFHkqJgJ9updaLUN5GXw=
.playonigo.com/	1970-01-20 09:37:58	Name: __hstc Value: 159301029.53937feab6ca4e4c9c2a523fbe2d6268.1660726405499.1660726405499.1660726405499.1
.playonigo.com/	1970-01-20 09:37:58	Name: hubspotutk Value: 53937feab6ca4e4c9c2a523fbe2d6268
.playonigo.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.playonigo.com/	1970-01-20 05:18:48	Name: __hssc Value: 159301029.1.1660726405499
.playonigo.com/	1970-01-20 09:37:58	Name: messagesUtk Value: 2b786bb6380d4429a7faf696825e99e8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
api-eu1.hubspot.com
app-eu1.hubspot.com
avatars.hubspot.net
cdn.privado.ai
code.jquery.com
d3e54v103j8qbb.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
forms-eu1.hubspot.com
in.hotjar.com
js-eu1.hs-analytics.net
js-eu1.hs-banner.com
js-eu1.hs-scripts.com
js-eu1.hscollectedforms.net
js-eu1.usemessages.com
region1.google-analytics.com
script.hotjar.com
static.hotjar.com
static.hsappstatic.net
stats.g.doubleclick.net
track-eu1.hubspot.com
unpkg.com
uploads-ssl.webflow.com
vars.hotjar.com
vc.hotjar.io
ws8.hotjar.com
www.cdn.privado.ai
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.onigoescapes.com
www.playonigo.com
13.224.189.122
13.224.189.26
13.225.78.103
13.225.78.124
13.225.78.54
13.225.84.17
172.65.192.122
172.65.193.34
172.65.202.201
172.65.202.85
172.65.208.22
172.65.236.181
172.65.238.60
172.65.240.166
2001:4860:4802:32::36
2001:4860:4802:36::178
2001:4de0:ac18::1:a:2a
2600:9000:20eb:5600:14:dc98:7700:93a1
2606:4700::6810:7caf
2606:4700::6811:9d2
2606:4700::6811:eecc
2606:4700::6811:f1cc
2a00:1450:4001:808::2003
2a00:1450:4001:809::2003
2a00:1450:4001:80e::200a
2a00:1450:4001:812::200a
2a00:1450:4001:829::2004
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2008
2a00:1450:400c:c0c::9c
34.253.101.190
54.229.120.213
54.74.193.12
0bf673925163224f78fec48c5b1f5126c4ab6605a98ed1dcdf87d82ba9c3bd91
0ea4abb203448ea355f37ae01b8e8bf5f7bc5e4be40d54bdd585421e50b106be
0ebe1219a8cbb054a23bea0d9b2e3bbc9f0dc1454643506df0f6c52eb9e94641
18050dc0220b64a11a8810f451c1e51781d9a17043dcc258e41a48d0e22fcfb2
1c7803606f0214378a7296f304b85a18d0cb047ecd2c3e9c066b95eac1b354df
2778903aad7fbc80e080d755b907ba9b836cea44751989d3923a28b48f8d102e
2d7ef2a83a21210a308c23f637c9a22befcd976533e4426a4786d7cbcf8cb04b
32164f449bfc5c44ba943d78680d9d2a145be4b93302487dafa58671baa0b9f4
338be55e09986b74b0abf67ba0d09e117698bc411529b3da8f0783a349461bdf
3395548d12c45b3163fe2231ff03b0ced049771aeae73bacb45b2726e2f61010
374a3b5016fa3fcecbb7162f8c690c66e5ff4f64ff614aca2ac5d4900a7e36ce
3c0c39b913efd4fe6cadbc34c575160c55c5ea0c77fc6746ccd2327e40b2ed9b
4359643e1b6350bffd6e16d543603ea7b393855957e792ac7f9178a81ed0b14d
43806e67ec1242859d5779da20ad79339410917188fd2926c293f9c556f0d2be
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
47f866be06afeedbb11f7dafe75b1ddb58fd9e1f7219b95de1af57454d63230c
4f455eb2ddf2094ee969f470f6bfac7adb4c057e8990a374e9da819e943c777d
547e0054f7adc46531a2b92e4d86e5f09cdf6049e74b2aa9cb2764ae5994f540
5b3933294fd263b1572540d5a06c988d6178804a57b8cba76225d1cac605b018
5cd9e6bde1952c22e84f637d2a034a3fc787ce3eb1e97cfbaa6076ddfa8e0786
5cde27396c8c483c599d4162e29f219dbad91728edacc8f91410cc818a91046b
5e0a88a680075dec852a87e3caa62bbb27bc77affb238de1778e1a8dca88e088
6e32380e0f21a810a765b51763ab35da7d7f266d557bf2eae190baca2f619f40
735db383c13a8dfa4f2659ab5cb2ce9cec0e0de9517e31a11d82c11bf7edc352
76e2bca54d321dfd4cebf8797b2c9a81ccb1c0619d4da3a7c53d4e6228c5a61d
7942e2e26a4203b6ce47df56d9c220a45eb1836a4721c142b4a0b488998eb0b1
7bb576ebfaacf418331a906da2aadc9dc8047f10a68ab81754856aacff91bc4d
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
90438997aa817bad94f49d367b04dbaaaa387493ef5a1f5b5d5f7b953b76c1ac
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
abe615b1cb6022c3c153172e64fb39e956601ecf47dee36ebcfee1e6ad2bd1c6
b301917122de2fb53347e915ba8a279da0287b02f63846f26af5310fedaa5618
b77c3bd2c894db137a8f336c17ac29f1594ec5af0992955b992f9c4cf8cca745
bd4859c18384311788aceaee706ad1bf94c3310fbe33b1a16eb27926a877e7ff
c09332326d7e70e0623cd6bd5b3b5bf25ed4f55f92f7b90291ebe4cc9ce9130d
cc52733b73530cdb8ff7665895e0b1be88f67f1dcf738ec1ca3ec404f2723f97
cfe0f324e5847753b4dbc0b8c7a883a46fd37f982504c1a2e5a6c86281394d0c
d7f8b6ed4f77b684b2615feaad46ae05bd069c8beaeb550e6094ccb2eb6cb0d9
d906b076618715d98464058604953e5c8e79d3f62b754fc3157dab9cd7d1fbb8
d93b4878bc05a170e77601cd0ed4b7befa9f3972f94281968d1b6380aba1ef22
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc6a870a116251f87186b5a787702fc7bf6939f2126f66ca82e0a7142a6ba9f6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e67871ecd9ee956b61be7d99ec87472e458444ff2d56f23c957cb380400c40c5
e92a2fbef45877594f44cc8617c16c7e745cfba43407b15ac6ea0b3279703fef
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f27fda010800b6bd3a831a218d10fe0f1a01ef24852910c79ee87b18a10e19c1
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

www.playonigo.com Open in urlscan Pro 34.253.101.190 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

54 Requests

93 %HTTPS

48 %IPv6

24 Domains

35 Subdomains

34 IPs

5 Countries

1766 kBTransfer

4377 kBSize

17 Cookies

1 Outgoing links

Page URL History

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.playonigo.com Open in urlscan Pro
34.253.101.190 Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

93 %
HTTPS

48 %
IPv6

24
Domains

35
Subdomains

34
IPs

5
Countries

1766 kB
Transfer

4377 kB
Size

17
Cookies

54 HTTP transactions
1 data transactions