afl.playhq.com Open in urlscan Pro
2600:9000:2156:5400:4:e7f8:4c00:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
Submission: On November 22 via manual (November 22nd 2021, 4:26:25 am UTC) from US — Scanned from DE

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 33 HTTP transactions. The main IP is 2600:9000:2156:5400:4:e7f8:4c00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is afl.playhq.com.
TLS certificate: Issued by Amazon on October 26th 2021. Valid for: a year.

This is the only time afl.playhq.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2600:9000:215... 2600:9000:2156:5400:4:e7f8:4c00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
3	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
8	151.101.131.9 151.101.131.9	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
2	52.21.69.200 52.21.69.200	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
1	143.204.98.56 143.204.98.56	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:24e... 2600:1f18:24e6:b901:e9e2:b3f7:8af0:dca7	14618 (AMAZON-AES) (AMAZON-AES)
33	10

13 2600:9000:2156:5400:4:e7f8:4c00:93a1 (United States)

ASN16509 (AMAZON-02, US)

afl.playhq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

fast.appcues.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.131.9 (United States)

ASN54113 (FASTLY, US)

sdk.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.21.69.200 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-69-200.compute-1.amazonaws.com

auth.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-56.fra50.r.cloudfront.net

streaming.split.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:24e6:b901:e9e2:b3f7:8af0:dca7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	playhq.com afl.playhq.com	619 KB
11	split.io sdk.split.io auth.split.io streaming.split.io	7 KB
3	appcues.com fast.appcues.com	121 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	datadoghq.com rum-http-intake.logs.datadoghq.com	94 B
1	gstatic.com fonts.gstatic.com	29 KB
1	googletagmanager.com www.googletagmanager.com	40 KB
1	googleapis.com fonts.googleapis.com	928 B
33	8

	Domain	Requested by
13	afl.playhq.com	afl.playhq.com
8	sdk.split.io	afl.playhq.com
3	fast.appcues.com	afl.playhq.com fast.appcues.com
2	www.google-analytics.com	www.googletagmanager.com afl.playhq.com
2	auth.split.io	afl.playhq.com
1	rum-http-intake.logs.datadoghq.com	afl.playhq.com
1	streaming.split.io	afl.playhq.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.googletagmanager.com	afl.playhq.com
1	fonts.googleapis.com	afl.playhq.com
33	10

This site contains no links.

Subject Issuer	Validity	Valid
*.playhq.com Amazon	`2021-10-26` - `2022-11-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
fast.appcues.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-04-26` - `2022-05-28`	a year	crt.sh
*.split.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-01` - `2022-01-24`	3 months	crt.sh
streaming.split.io Amazon	`2021-04-06` - `2022-05-05`	a year	crt.sh
*.logs.datadoghq.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-31` - `2022-05-31`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
Frame ID: 44D21933381630E06A6D064E1E817AD9
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Log In | PlayHQ

Page Statistics

33
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

837 kB
Transfer

2977 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request login Show response
afl.playhq.com/auth/ 22 KB
8 KB 2472ms
2425ms Document
text/html 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2e0b5715a67c41bfef91059cd4bf82fca6982125a99f35142e410bf80bc8e178

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html
server: CloudFront
date: Mon, 22 Nov 2021 04:26:19 GMT
last-modified: Mon, 15 Nov 2021 04:04:23 GMT
etag: W/"29251e5f87a276627b4376d4be2171af"
x-amz-server-side-encryption: AES256
cache-control: max-age=0,no-store,no-cache,must-revalidate
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block
referrer-policy: same-origin
content-encoding: gzip
vary: Accept-Encoding
x-cache: Error from cloudfront
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: ghUmMgdB3ZVNP--yncbxMHqNwsjEepX7kGfyXMhJn7pvVy_MCyGMYQ==

GET
H2 200 css
fonts.googleapis.com/ 3 KB
928 B 40ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f118e242bfb2318d45f1aed9ed1f434c8f89f945023337ffb29c8d7cbc3175c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 03:03:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Mon, 22 Nov 2021 04:26:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Nov 2021 04:26:18 GMT

GET
H2 200 89626.js Show response
fast.appcues.com/ 22 KB
6 KB 729ms
698ms Script
text/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/89626.js
Requested by: Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Cowboy /
Resource Hash: d6430d5c4bf725b52bdc011ada7af30f45f3e76e04f13dfd3264b09c8ee81404

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:19 GMT
content-encoding: gzip
age: 0
x-cache: MISS
content-length: 5413
x-request-id: FrnDwlYtNsT-ybOW08Pi
x-served-by: cache-fra19151-FRA
access-control-allow-origin: *
server: Cowboy
x-timer: S1637555178.360171,VS0,VE691
vary: accept-encoding, Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
content-type: text/javascript; charset=utf-8
via: 1.1 varnish
access-control-expose-headers
cache-control: max-age=120,public
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 0

GET
H2 200 238.16f602c8.chunk.js Show response
afl.playhq.com/static/js/ 1 MB
419 KB 21ms
21ms Script
application/javascript 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/js/238.16f602c8.chunk.js

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4eafdb9eb5a7dd2effc170fda024154c6699e01ba531bb211df70f3745971fe9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 03:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:15 GMT
server: CloudFront
x-frame-options: DENY
etag: W/"f902f75bf7f1b8bb39b9cc2a655eac9f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: cUtETfLMIviOiqdna3PsO1cjEywbFypnUn3vR0QKqWESq9D-YtZIeg==

GET
H2 200 main.f0835ffa.chunk.js Show response
afl.playhq.com/static/js/ 400 KB
65 KB 17ms
17ms Script
application/javascript 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/js/main.f0835ffa.chunk.js

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2fe8f21d3a68e80873a16eb8a8dd29308fa97b8cc650087ad0038d44000b460c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 03:10:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4539
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:18 GMT
server: CloudFront
x-frame-options: DENY
etag: W/"64d09089032259815147de78a8a06107"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: NlmFXUaPUM80GoLu6uphAKCy2atCY6GkfLwCUwMLuBQ6s5toqy4GOA==

OPTIONS
H2 200 anonymous
sdk.split.io/api/mySegments/ 0
0 35ms
7ms Preflight 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/mySegments/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://afl.playhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Mon, 22 Nov 2021 04:26:19 GMT
via: 1.1 varnish
x-served-by: cache-fra19170-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1637555179.222996,VS0,VE0
vary: Cookie
access-control-allow-origin: https://afl.playhq.com
content-length: 37

OPTIONS
H2 200 splitChanges
sdk.split.io/api/ 0
0 24ms
7ms Preflight 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/splitChanges?since=-1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://afl.playhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Mon, 22 Nov 2021 04:26:19 GMT
via: 1.1 varnish
x-served-by: cache-fra19170-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1637555179.223048,VS0,VE0
vary: Cookie
access-control-allow-origin: https://afl.playhq.com
content-length: 37

GET
H2 200 appcues.main.7795bd43c25efae21e7f23dce7222dd6e11a4305.js Show response
fast.appcues.com/generic/main/4.31.33/ 400 KB
113 KB 23ms
7ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.31.33/appcues.main.7795bd43c25efae21e7f23dce7222dd6e11a4305.js
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/89626.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 50452d38c5e4d6d5c7e66daade7430307abd94bee00c05d01b08edaacfc4eedf

Request headers

Referer
Origin: https://afl.playhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:19 GMT
content-encoding: gzip
age: 1437543
via: 1.1 varnish
x-cache: HIT
content-length: 114988
x-amz-id-2: +u3H/ltU3K4P3t/0yba6itsYhtYe+FZ2noZk1R2wdM5y34yek3BHe725Z2CYWq8e8o8V1o55BUs=
x-served-by: cache-fra19164-FRA
timing-allow-origin: *
last-modified: Fri, 05 Nov 2021 12:57:12 GMT
server: AmazonS3
x-timer: S1637555179.077088,VS0,VE0
etag: "34b0aac48683ec2a95f6a11b42114e41"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id: NED782KM5076YXP9
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 39048

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 101 KB
40 KB 53ms
30ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KBHCLBW&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

afa29dd360e5e7da014630fcd4eff6a2239ba8f6e5baa306abce5257c730e2cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:19 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40114
x-xss-protection: 0
last-modified: Mon, 22 Nov 2021 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Nov 2021 04:26:19 GMT

GET
H2 200 anonymous Show response
sdk.split.io/api/mySegments/ 17 B
440 B 97ms
95ms Fetch
application/json 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/anonymous

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/static/js/238.16f602c8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer
Authorization: Bearer eka1328dhn9vkkpk33jgea3iohmdig1uk13u
Accept-Language: de-DE,de;q=0.9
SplitSDKVersion: javascript-10.14.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
etag: "1000002--gzip"
age: 334975
x-cache: HIT, MISS
content-encoding: gzip
content-length: 37
x-request-id: 1yl6odsxytu
x-served-by: cache-dca17772-DCA, cache-fra19170-FRA
x-timer: S1637555179.232615,VS0,VE89
date: Mon, 22 Nov 2021 04:26:19 GMT
vary: Origin, Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca12925-DCA-bf99ad32-5cc8-4ecb-a1a9-23cbcb895e55; cache-fra19172-FRA-e51c9d67-3bed-43d7-b147-2878f696b6a3
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 256.e841fe48.chunk.js Show response
afl.playhq.com/static/js/ 102 KB
35 KB 1156ms
1155ms Script
application/javascript 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/js/256.e841fe48.chunk.js

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f5519fb2ec3a1d61729d491be9e09bf11b0fc63e63315012d69ab884e653a78a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:15 GMT
server: CloudFront
x-frame-options: DENY
etag: W/"1ff1640a2c5ce9c5630902766823bcc5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
x-amz-cf-id: c6yXi6tCKrB7xtq_tG3FlfTFiWRRcu8FOO-2Ihrk_Wvd4C7DfkcnTA==

GET
H2 200 splitChanges Show response
sdk.split.io/api/ 118 KB
5 KB 105ms
104ms Fetch
application/json 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?since=-1

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/static/js/238.16f602c8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

894e302904072e453d2995fcaeb7d4e466e7963fc159e6864d639acc256d6048

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer
Authorization: Bearer eka1328dhn9vkkpk33jgea3iohmdig1uk13u
Accept-Language: de-DE,de;q=0.9
SplitSDKVersion: react-1.2.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
content-encoding: gzip
etag: "939692512--gzip"
age: 0
x-cache: MISS, MISS
content-length: 4670
via: 1.1 varnish, 1.1 varnish
x-request-id: 1yw9qlrbt5m
x-served-by: cache-dca17783-DCA, cache-fra19170-FRA
last-modified: Mon, 22 Nov 2021 03:02:22 GMT
x-timer: S1637555179.232708,VS0,VE97
date: Mon, 22 Nov 2021 04:26:19 GMT
vary: Origin, Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca17783-DCA-41a4801f-9757-470c-ba44-6f13e5f64f33; cache-fra19170-FRA-34a5e210-5dc6-4af9-9e46-69f781dfc480
accept-ranges: bytes
x-cache-hits: 0, 0

GET
H2 200 common.json Show response
afl.playhq.com/static/locales/en-US/ 22 KB
8 KB 3309ms
3309ms Fetch
text/html 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/locales/en-US/common.json

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/static/js/238.16f602c8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2e0b5715a67c41bfef91059cd4bf82fca6982125a99f35142e410bf80bc8e178

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
date: Mon, 22 Nov 2021 04:26:23 GMT
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:23 GMT
server: CloudFront
x-frame-options: DENY
etag: W/"29251e5f87a276627b4376d4be2171af"
vary: Accept-Encoding
content-type: text/html
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=0,no-store,no-cache,must-revalidate
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
x-amz-cf-id: BgCkp2u-rfvX4toi_d8-4CGVSoPTMqUNetWUpa7OCyBgy9RmfUrMfQ==

GET
H2 200 afl.json Show response
afl.playhq.com/static/locales/en-US/ 22 KB
8 KB 2185ms
2184ms Fetch
text/html 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/locales/en-US/afl.json

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/static/js/238.16f602c8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

2e0b5715a67c41bfef91059cd4bf82fca6982125a99f35142e410bf80bc8e178

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:23 GMT
server: CloudFront
x-frame-options: DENY
etag: W/"29251e5f87a276627b4376d4be2171af"
vary: Accept-Encoding
content-type: text/html
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=0,no-store,no-cache,must-revalidate
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
x-amz-cf-id: DQ71hhapeR35zyEjrvchYQA6sqqNn9ZXlqcUgwpjAsP95n6D6xnyCg==

GET
H2 200 common.json Show response
afl.playhq.com/static/locales/en/ 3 B
1 KB 1072ms
1072ms Fetch
application/json 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/locales/en/common.json

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/static/js/238.16f602c8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:21 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 3
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:18 GMT
server: CloudFront
x-frame-options: DENY
etag: "8a80554c91d9fca8acb82f023de02f11"
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/json
cache-control: max-age=31536000,public
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
accept-ranges: bytes
x-amz-cf-id: iwIU6GJK6Vy8w1lIGJTWoR60IvKOx15sysgf4NxSUovuFVGz3VaA_g==

GET
H2 200 afl.json Show response
afl.playhq.com/static/locales/en/ 114 B
1 KB 1087ms
1087ms Fetch
application/json 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/locales/en/afl.json

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/static/js/238.16f602c8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

82103060e5ec17dfd2e1b2226392fe3c378010855eb0f8544b411bb84b26ea34

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:21 GMT
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
content-length: 114
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:18 GMT
server: CloudFront
x-frame-options: DENY
etag: "3823ac62c0aa919a80c0150b8635643e"
strict-transport-security: max-age=63072000; includeSubdomains; preload
content-type: application/json
cache-control: max-age=31536000,public
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
accept-ranges: bytes
x-amz-cf-id: R9RT1vTKHft_buWhyizzzep4kpvUS_HZnnMytoC9BHBRY1c0GQDoQw==

GET
H2 200 auth Show response
auth.split.io/api/ 610 B
981 B 106ms
106ms Fetch
application/json 52.21.69.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/auth?users=anonymous

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/static/js/238.16f602c8.chunk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.69.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-69-200.compute-1.amazonaws.com

Software

Resource Hash

c6eab7eadc8392d52e24f48bc4aeec72de30495806a4c72212f51e948d35cf59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: application/json
Referer
Authorization: Bearer eka1328dhn9vkkpk33jgea3iohmdig1uk13u
Accept-Language: de-DE,de;q=0.9
SplitSDKVersion: react-1.2.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 22 Nov 2021 04:26:19 GMT
strict-transport-security: max-age=15770000; includeSubdomains
access-control-allow-methods: GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://afl.playhq.com
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
content-length: 610

OPTIONS
H2 200 auth
auth.split.io/api/ 0
0 326ms
106ms Preflight
application/json 52.21.69.200
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://auth.split.io/api/auth?users=anonymous

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.69.200 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-69-200.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubdomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://afl.playhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 22 Nov 2021 04:26:19 GMT
content-type: application/json; charset=utf-8
content-length: 4
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://afl.playhq.com
strict-transport-security: max-age=15770000; includeSubdomains

GET
H2 200 container.7795bd43c25efae21e7f23dce7222dd6e11a4305.css
fast.appcues.com/generic/main/4.31.33/ 15 KB
2 KB 7ms
7ms Stylesheet
text/css 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.appcues.com/generic/main/4.31.33/container.7795bd43c25efae21e7f23dce7222dd6e11a4305.css
Requested by: Host: fast.appcues.com
URL: https://fast.appcues.com/generic/main/4.31.33/appcues.main.7795bd43c25efae21e7f23dce7222dd6e11a4305.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d4c676ed415cb16654c1309c8c2ee790db12f4a5ae5efb675a595ddd31a6a9e3

Request headers

Referer
Origin: https://afl.playhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:19 GMT
content-encoding: gzip
age: 1437541
via: 1.1 varnish
x-cache: HIT
content-length: 2029
x-amz-id-2: 7XIsioITkictcGtXbo4i729HmDbnu4u0t+TVVJPpjNeVcOJNrn42sfKutiSbCgh5oLuIu9pYolo=
x-served-by: cache-fra19164-FRA
timing-allow-origin: *
last-modified: Fri, 05 Nov 2021 12:57:12 GMT
server: AmazonS3
x-timer: S1637555179.268954,VS0,VE0
etag: "c8a48e77946e446dc42162494c5a4ed7"
vary: Accept-Encoding
access-control-allow-methods: GET,PUT,POST,DELETE,OPTIONS
x-amz-request-id: B6SFG05YPAAKWW2A
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
accept-ranges: bytes
content-type: text/css; charset=utf-8;
access-control-allow-headers: X-Requested-With,Authorization
x-cache-hits: 37738

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KBHCLBW&gtm_auth=&gtm_preview=&gtm_cookies_win=x

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3076
date: Mon, 22 Nov 2021 03:35:03 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 22 Nov 2021 05:35:03 GMT

GET
H2 200 1.546111e3.chunk.js Show response
afl.playhq.com/static/js/ 17 KB
7 KB 1072ms
1072ms Script
application/javascript 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/js/1.546111e3.chunk.js

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

4df700fac858b1db305a25ee62249613f6839b32d464192a093d556af0d3e9e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:15 GMT
server: CloudFront
x-frame-options: DENY
etag: W/"4c27027a7068087ef60aa5ef8755d3b0"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
x-amz-cf-id: DmdRPbSmH2hFGVHx-IIbUeAgtfhD_3uCDE9J54A0iCUynWURqUamXQ==

GET
H2 200 2.5671ac81.chunk.js Show response
afl.playhq.com/static/js/ 12 KB
5 KB 1098ms
1098ms Script
application/javascript 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/js/2.5671ac81.chunk.js

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

a8e1eb9d3dffae5ae7c22de7af17d2283bb3ba045bd8927bb8e101211950f687

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:15 GMT
server: CloudFront
x-frame-options: DENY
etag: W/"385709938c34f149b96617aae5be05cd"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
x-amz-cf-id: hhT2qLrRKSgph7hXUiiOGm3g-zec9AXX_3rbIC5lmoF4lNYTq-klRA==

GET
H2 200 3.0668443a.chunk.js Show response
afl.playhq.com/static/js/ 47 KB
14 KB 1084ms
1084ms Script
application/javascript 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/js/3.0668443a.chunk.js

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

38f1e626599c86d2ab1cde06189152c8fce9e1846f131735d42e5d9d90efbc0b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:15 GMT
server: CloudFront
x-frame-options: DENY
etag: W/"860f9e1ad08bc5bbc026b01f8e9d48e5"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
x-amz-cf-id: 6yo87EteKaALLpjnUyMslxJi7xhKk_AKRNWOwdVS5nSfuZGFb5On0Q==

GET
H2 200 5.c1ac4b04.chunk.js Show response
afl.playhq.com/static/js/ 21 KB
9 KB 1244ms
1244ms Script
application/javascript 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/js/5.c1ac4b04.chunk.js

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cdee4bfa2c5a0b52e2cf59b4df1d9e69af6f70cec9d52edba7d18945dbaa0233

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:16 GMT
server: CloudFront
x-frame-options: DENY
etag: W/"645f08102392f14d32f22983b39d3d68"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
x-amz-cf-id: QCvzHMlUZ7GuYz1DCauCB8kPNi2KH-nvDg90RAl2YA24zD2ED3v2JQ==

GET
H2 200 Login.47e71028.chunk.js Show response
afl.playhq.com/static/js/ 156 KB
39 KB 1135ms
1135ms Script
application/javascript 2600:9000:2156:5400:4:e7f8:4c00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://afl.playhq.com/static/js/Login.47e71028.chunk.js

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2156:5400:4:e7f8:4c00:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

cd50fab929a6ec65d6971cfa3e97cee05f7a6001561d36c5a88053f8cd7fbe1c

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Mon, 22 Nov 2021 04:26:21 GMT
content-encoding: br
x-content-type-options: nosniff
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Mon, 15 Nov 2021 04:04:16 GMT
server: CloudFront
x-frame-options: DENY
etag: W/"2bad42125a16a7452dd41ef8c0b0a59f"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
cache-control: max-age=31536000,public
content-security-policy: default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://*.playhq.com wss://*.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
x-amz-cf-id: jyHqcDkEDNSA8f1jZobh5rORPSm5ki9SKwF1aowXVUD9AlNgHN_OWQ==

GET
H2 200 qkBbXvYC6trAT7RVLtw.woff2
fonts.gstatic.com/s/karla/v15/ 29 KB
29 KB 36ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/karla/v15/qkBbXvYC6trAT7RVLtw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Karla:400,400i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb6e74951b276f25770b35ae0e206139f1494d73cce9c72382731c50c7b8880f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://afl.playhq.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date: Fri, 19 Nov 2021 13:31:44 GMT
x-content-type-options: nosniff
age: 226475
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29268
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 22:11:53 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 19 Nov 2022 13:31:44 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
205 B 14ms
13ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1490477752&t=pageview&_s=1&dl=https%3A%2F%2Fafl.playhq.com%2Fauth%2Flogin%3ForganisationId%3Dd89d0b85-d913-4d44-9bb0-08cf4101e772&dp=%2Fauth%2Flogin&ul=en-us&de=UTF-8&dt=PlayHQ&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1561066773&gjid=431902521&cid=126287229.1637555179&tid=UA-145253987-2&_gid=57746749.1637555179&_r=1&gtm=2wgba1KBHCLBW&z=1176742991

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/static/js/238.16f602c8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Nov 2021 04:26:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://afl.playhq.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sse
streaming.split.io/ 472 B
0 596ms
549ms EventSource
text/event-stream 143.204.98.56
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://streaming.split.io/sse?channels=NzA5NTA1MDM2_MTIwNTYxNTI4MA%3D%3D_MjYwMDIyNzUwNQ%3D%3D_mySegments,NzA5NTA1MDM2_MTIwNTYxNTI4MA%3D%3D_splits,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_pri,%5B%3Foccupancy%3Dmetrics.publishers%5Dcontrol_sec&accessToken=eyJhbGciOiJIUzI1NiIsImtpZCI6IkRQVkE3QS5fbS1NU1EiLCJ0eXAiOiJKV1QifQ.eyJ4LWFibHktY2FwYWJpbGl0eSI6IntcIk56QTVOVEExTURNMl9NVEl3TlRZeE5USTRNQT09X01qWXdNREl5TnpVd05RPT1fbXlTZWdtZW50c1wiOltcInN1YnNjcmliZVwiXSxcIk56QTVOVEExTURNMl9NVEl3TlRZeE5USTRNQT09X3NwbGl0c1wiOltcInN1YnNjcmliZVwiXSxcImNvbnRyb2xfcHJpXCI6W1wic3Vic2NyaWJlXCIsXCJjaGFubmVsLW1ldGFkYXRhOnB1Ymxpc2hlcnNcIl0sXCJjb250cm9sX3NlY1wiOltcInN1YnNjcmliZVwiLFwiY2hhbm5lbC1tZXRhZGF0YTpwdWJsaXNoZXJzXCJdfSIsIngtYWJseS1jbGllbnRJZCI6ImNsaWVudElkIiwiZXhwIjoxNjM3NTU4Nzc5LCJpYXQiOjE2Mzc1NTUxNzl9.Vu9dPEMwdujx-Pq3hJv7KaPQeqDRbUOuVJzWnqRNEts&v=1.1&heartbeats=true

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/auth/login?organisationId=d89d0b85-d913-4d44-9bb0-08cf4101e772

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.98.56 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-98-56.fra50.r.cloudfront.net

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com
X-Content-Type-Options	nosniff

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy: default-src 'self'; frame-ancestors 'self'; frame-src status.ably.com
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
referrer-policy: no-referrer
x-amz-cf-pop: FRA50-C1
date: Mon, 22 Nov 2021 04:26:20 GMT
vary: Origin
x-ably-serverid: frontend.5a9f.1.us-east-1-A.i-04eb5dfd0e31e6587.e7dTrqqbQB5495
content-type: text/event-stream
access-control-allow-origin: https://afl.playhq.com
access-control-expose-headers: Link,Transfer-Encoding,Content-Length,X-Ably-ErrorCode,X-Ably-ErrorMessage,X-Ably-ServerId,Server
access-control-allow-credentials: true
x-cache: Miss from cloudfront
x-robots-tag: noindex
x-amz-cf-id: 7e32P73Q_lMD6y-lmMrYu6HkiEX_-AKKrXGtgs0V0C7E8eiXC4UQ8g==
x-content-type-options: nosniff

OPTIONS
H2 200 anonymous
sdk.split.io/api/mySegments/ 0
0 7ms
6ms Preflight 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/mySegments/anonymous
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://afl.playhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Mon, 22 Nov 2021 04:26:20 GMT
via: 1.1 varnish
x-served-by: cache-fra19170-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1637555180.247424,VS0,VE0
vary: Cookie
access-control-allow-origin: https://afl.playhq.com
content-length: 37

GET
H2 200 anonymous Show response
sdk.split.io/api/mySegments/ 17 B
427 B 94ms
93ms Fetch
application/json 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/mySegments/anonymous

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/static/js/238.16f602c8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer
Authorization: Bearer eka1328dhn9vkkpk33jgea3iohmdig1uk13u
Accept-Language: de-DE,de;q=0.9
SplitSDKVersion: react-1.2.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
via: 1.1 varnish, 1.1 varnish
etag: "1000002--gzip"
age: 334976
x-cache: HIT, MISS
content-encoding: gzip
content-length: 37
x-request-id: 1yqq7bmjjw3
x-served-by: cache-dca17760-DCA, cache-fra19170-FRA
x-timer: S1637555180.255334,VS0,VE87
date: Mon, 22 Nov 2021 04:26:20 GMT
vary: Origin, Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca17775-DCA-5264ffba-6e5c-451a-b198-f5a3bb53c6ac; cache-fra19170-FRA-40f4e0ca-3d53-48b8-bee9-579daba18163
accept-ranges: bytes
x-cache-hits: 1, 0

GET
H2 200 splitChanges Show response
sdk.split.io/api/ 56 B
295 B 117ms
116ms Fetch
application/json 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://sdk.split.io/api/splitChanges?since=1637550142827

Requested by

Host: afl.playhq.com
URL: https://afl.playhq.com/static/js/238.16f602c8.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.131.9 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

007ed8e7d32db4f18477700a65ac46d6923a87ccf60c49722a021eb1136d8888

Security Headers

Name	Value
Strict-Transport-Security	max-age=15770000; includeSubDomains

Request headers

Accept: application/json
Referer
Authorization: Bearer eka1328dhn9vkkpk33jgea3iohmdig1uk13u
Accept-Language: de-DE,de;q=0.9
SplitSDKVersion: react-1.2.0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: application/json

Response headers

strict-transport-security: max-age=15770000; includeSubDomains
content-encoding: gzip
etag: "-2023557658--gzip"
age: 5035
x-cache: HIT, MISS
content-length: 63
via: 1.1 varnish, 1.1 varnish
x-request-id: 1yw5zsvetco
x-served-by: cache-dca17737-DCA, cache-fra19170-FRA
last-modified: Mon, 22 Nov 2021 03:02:22 GMT
x-timer: S1637555180.255408,VS0,VE110
date: Mon, 22 Nov 2021 04:26:20 GMT
vary: Origin, Accept-Encoding, Cookie
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin,X-Request-ID
cache-control: no-transform, max-age=60, s-maxage=60
trace: cache-dca17746-DCA-169fbd9e-3338-42ae-8444-a6c725d3aa69; cache-fra19170-FRA-44e2c4a3-9bfb-4091-8b83-fbb909f5acff
accept-ranges: bytes
x-cache-hits: 1, 0

OPTIONS
H2 200 splitChanges
sdk.split.io/api/ 0
0 7ms
7ms Preflight 151.101.131.9
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk.split.io/api/splitChanges?since=1637550142827
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.9 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,content-type,splitsdkversion
Origin: https://afl.playhq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

server: Varnish
retry-after: 0
allow: HEAD,GET,OPTIONS,POST,PUT,DELETE
access-control-allow-headers: X-Requested-With, Origin, Content-Type, Accept, Authorization, Content-Length, X-User-Token, X-Request-ID, SplitSDKMachineName, SplitSDKMachineIP, SplitSDKVersion, Cache-Control
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-max-age: 7200
accept-ranges: bytes
date: Mon, 22 Nov 2021 04:26:20 GMT
via: 1.1 varnish
x-served-by: cache-fra19170-FRA
x-cache: HIT
x-cache-hits: 0
x-timer: S1637555180.247647,VS0,VE0
vary: Cookie
access-control-allow-origin: https://afl.playhq.com
content-length: 37

POST
H2 200 pub648214272357bd07524130e444f65596
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
94 B 457ms
248ms Ping
application/json 2600:1f18:24e6:b901:e9e2:b3f7:8af0:dca7
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub648214272357bd07524130e444f65596?ddsource=browser&ddtags=sdk_version%3A3.6.8%2Cenv%3Aproduction%2Cservice%3Afastbreak-afl%2Cversion%3A10.21.0&batch_time=1637555180966
Requested by: Host: afl.playhq.com
URL: https://afl.playhq.com/static/js/238.16f602c8.chunk.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b901:e9e2:b3f7:8af0:dca7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 22 Nov 2021 04:26:21 GMT
content-length: 2
content-type: application/json

Verdicts & Comments Add Verdict or Comment

24 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
afl.playhq.com/	1970-01-19 22:52:36	Name: _dd_s Value: rum=1&id=b6423e02-3aad-44b8-a217-42c61bb08961&created=1637555179173&expire=1637556079173
.playhq.com/	1970-01-20 16:23:47	Name: _ga Value: GA1.2.126287229.1637555179
.playhq.com/	1970-01-19 22:54:01	Name: _gid Value: GA1.2.57746749.1637555179
.playhq.com/	1970-01-19 22:52:35	Name: _gat_UA-145253987-2 Value: 1

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	Message: The script has an unsupported MIME type ('text/html').

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src 'none'; script-src 'self' 'unsafe-inline' https://js.stripe.com https://m.stripe.com https://m.stripe.network https://www.googletagmanager.com https://www.google-analytics.com https://unpkg.com https://cdn.polyfill.io https://storage.googleapis.com https://fast.appcues.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://fast.appcues.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://playhq-cricket-australia.au.auth0.com https://fidm.au1.gigya.com https://fidm.us1.gigya.com https://.playhq.com wss://.playhq.com https://cognito-idp.ap-southeast-2.amazonaws.com https://s3.ap-southeast-2.amazonaws.com https://www.google-analytics.com https://events.split.io https://auth.split.io https://o297455.ingest.sentry.io https://sentry.io https://sdk.split.io https://streaming.split.io wss://api.appcues.net https://rum-http-intake.logs.datadoghq.com https://stats.g.doubleclick.net; frame-src 'unsafe-inline' https://js.stripe.com https://www.googletagmanager.com; img-src 'self' https://*.playhq.com https://www.google-analytics.com data: https://res.cloudinary.com/playhq/; manifest-src 'self'; child-src 'self'
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

afl.playhq.com
auth.split.io
fast.appcues.com
fonts.googleapis.com
fonts.gstatic.com
rum-http-intake.logs.datadoghq.com
sdk.split.io
streaming.split.io
www.google-analytics.com
www.googletagmanager.com
143.204.98.56
151.101.131.9
2600:1f18:24e6:b901:e9e2:b3f7:8af0:dca7
2600:9000:2156:5400:4:e7f8:4c00:93a1
2a00:1450:4001:808::2003
2a00:1450:4001:811::200e
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2008
2a04:4e42::622
52.21.69.200
007ed8e7d32db4f18477700a65ac46d6923a87ccf60c49722a021eb1136d8888
2070e9ec5ea66461693a174cf782efa1090e0ca1988968cc1115d019e7b80a95
2e0b5715a67c41bfef91059cd4bf82fca6982125a99f35142e410bf80bc8e178
2fe8f21d3a68e80873a16eb8a8dd29308fa97b8cc650087ad0038d44000b460c
38f1e626599c86d2ab1cde06189152c8fce9e1846f131735d42e5d9d90efbc0b
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4df700fac858b1db305a25ee62249613f6839b32d464192a093d556af0d3e9e8
4eafdb9eb5a7dd2effc170fda024154c6699e01ba531bb211df70f3745971fe9
50452d38c5e4d6d5c7e66daade7430307abd94bee00c05d01b08edaacfc4eedf
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7f118e242bfb2318d45f1aed9ed1f434c8f89f945023337ffb29c8d7cbc3175c
82103060e5ec17dfd2e1b2226392fe3c378010855eb0f8544b411bb84b26ea34
894e302904072e453d2995fcaeb7d4e466e7963fc159e6864d639acc256d6048
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a8e1eb9d3dffae5ae7c22de7af17d2283bb3ba045bd8927bb8e101211950f687
afa29dd360e5e7da014630fcd4eff6a2239ba8f6e5baa306abce5257c730e2cb
c6eab7eadc8392d52e24f48bc4aeec72de30495806a4c72212f51e948d35cf59
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cb6e74951b276f25770b35ae0e206139f1494d73cce9c72382731c50c7b8880f
cd50fab929a6ec65d6971cfa3e97cee05f7a6001561d36c5a88053f8cd7fbe1c
cdee4bfa2c5a0b52e2cf59b4df1d9e69af6f70cec9d52edba7d18945dbaa0233
d4c676ed415cb16654c1309c8c2ee790db12f4a5ae5efb675a595ddd31a6a9e3
d6430d5c4bf725b52bdc011ada7af30f45f3e76e04f13dfd3264b09c8ee81404
f5519fb2ec3a1d61729d491be9e09bf11b0fc63e63315012d69ab884e653a78a

afl.playhq.com Open in urlscan Pro 2600:9000:2156:5400:4:e7f8:4c00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

33 Requests

100 %HTTPS

70 %IPv6

8 Domains

10 Subdomains

10 IPs

2 Countries

837 kBTransfer

2977 kBSize

4 Cookies

0 Outgoing links

Redirected requests

33 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

afl.playhq.com Open in urlscan Pro
2600:9000:2156:5400:4:e7f8:4c00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

70 %
IPv6

8
Domains

10
Subdomains

10
IPs

2
Countries

837 kB
Transfer

2977 kB
Size

4
Cookies

33 HTTP transactions
0 data transactions