m.highflyercasino.com Open in urlscan Pro
104.18.20.172 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://hfca.xyz/0js5
Effective URL:
https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10
Submission: On June 18 via api (June 18th 2022, 3:21:57 am UTC) from LU — Scanned from DE

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 21 domains to perform 89 HTTP transactions. The main IP is 104.18.20.172, located in and belongs to CLOUDFLARENET, US. The main domain is m.highflyercasino.com.
TLS certificate: Issued by SSL.com RSA SSL subCA on August 20th 2020. Valid for: 2 years.

This is the only time m.highflyercasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	200.124.136.139 200.124.136.139	26505 (E-Commerc...) (E-Commerce Park)
10	104.18.20.172 104.18.20.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:201... 2600:9000:2016:9000:e:786e:9000:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:2251:a000:2:7580:31c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	91.201.28.211 91.201.28.211	203480 (QUALITYUNIT) (QUALITYUNIT)
2	18.66.248.223 18.66.248.223	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	104.18.21.172 104.18.21.172	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.248.200.150 13.248.200.150	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:24e... 2600:1f18:24e6:b900:8e19:7817:863:c961	14618 (AMAZON-AES) (AMAZON-AES)
11	34.236.232.170 34.236.232.170	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:401b:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
13	108.157.4.91 108.157.4.91	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:225f:e800:12:94b3:c380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	143.204.89.79 143.204.89.79	16509 (AMAZON-02) (AMAZON-02)
2	143.204.89.95 143.204.89.95	16509 (AMAZON-02) (AMAZON-02)
89	25

1 200.124.136.139 (Curacao) 1 redirects

ASN26505 (E-Commerce Park, N.V., CW)
PTR: sub-136ip139.e-commercepark.com

hfca.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.20.172 (None, )

ASN13335 (CLOUDFLARENET, US)

m.highflyercasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cookies.highflyercasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2016:9000:e:786e:9000:93a1 (United States)

ASN16509 (AMAZON-02, US)

assets.zuko.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2251:a000:2:7580:31c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

06913606-cc12-4bc8-8303-9e5b374a3fc5.snippet.antillephone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.201.28.211 (Slovakia)

ASN203480 (QUALITYUNIT, SK)

www.gamingpartners.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.223 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-223.dus51.r.cloudfront.net

www.datadoghq-browser-agent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.21.172 (None, )

ASN13335 (CLOUDFLARENET, US)

cookies.highflyercasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.200.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a919daa9564471cec.awsglobalaccelerator.com

api.paymentiq.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:24e6:b900:8e19:7817:863:c961 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

rum-http-intake.logs.datadoghq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 34.236.232.170 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-236-232-170.compute-1.amazonaws.com

wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:401b:802::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.contentful.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 108.157.4.91 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-91.dus51.r.cloudfront.net

assetscdn-wchat.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:225f:e800:12:94b3:c380:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.ctfassets.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.89.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-79.fra50.r.cloudfront.net

rts-static-prod.freshworksapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.89.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-95.fra50.r.cloudfront.net

29576747429889.webpush.freshchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	freshchat.com wchat.freshchat.com — Cisco Umbrella Rank: 10470 assetscdn-wchat.freshchat.com — Cisco Umbrella Rank: 17336 29576747429889.webpush.freshchat.com	663 KB
12	highflyercasino.com m.highflyercasino.com cookies.highflyercasino.com	2 MB
8	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 356 fonts.googleapis.com — Cisco Umbrella Rank: 67	235 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	40 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 246	4 KB
4	gamingpartners.co.uk www.gamingpartners.co.uk	16 KB
2	contentful.com cdn.contentful.com — Cisco Umbrella Rank: 10406	164 KB
2	gstatic.com fonts.gstatic.com	88 KB
2	datadoghq.com rum-http-intake.logs.datadoghq.com — Cisco Umbrella Rank: 3438	251 B
2	paymentiq.io api.paymentiq.io — Cisco Umbrella Rank: 648405	34 KB
2	datadoghq-browser-agent.com www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 2996	42 KB
2	antillephone.com 06913606-cc12-4bc8-8303-9e5b374a3fc5.snippet.antillephone.com	4 KB
2	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1423	76 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 96	78 KB
2	zuko.io assets.zuko.io — Cisco Umbrella Rank: 356885	10 KB
1	freshworksapi.com rts-static-prod.freshworksapi.com — Cisco Umbrella Rank: 10904	25 KB
1	ctfassets.net images.ctfassets.net — Cisco Umbrella Rank: 4330	73 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5111	501 B
1	google.com www.google.com — Cisco Umbrella Rank: 9	501 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 125	446 B
1	hfca.xyz 1 redirects hfca.xyz	496 B
89	21

	Domain	Requested by
13	assetscdn-wchat.freshchat.com	wchat.freshchat.com assetscdn-wchat.freshchat.com
11	wchat.freshchat.com	m.highflyercasino.com wchat.freshchat.com assetscdn-wchat.freshchat.com
9	m.highflyercasino.com	m.highflyercasino.com www.datadoghq-browser-agent.com
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com m.highflyercasino.com
6	maps.googleapis.com	m.highflyercasino.com maps.googleapis.com
4	cdnjs.cloudflare.com	m.highflyercasino.com
4	www.gamingpartners.co.uk	m.highflyercasino.com www.gamingpartners.co.uk
3	cookies.highflyercasino.com	www.datadoghq-browser-agent.com
2	29576747429889.webpush.freshchat.com	wchat.freshchat.com 29576747429889.webpush.freshchat.com
2	cdn.contentful.com	www.datadoghq-browser-agent.com
2	fonts.gstatic.com	fonts.googleapis.com
2	rum-http-intake.logs.datadoghq.com	www.datadoghq-browser-agent.com
2	api.paymentiq.io	m.highflyercasino.com
2	fonts.googleapis.com	m.highflyercasino.com
2	www.datadoghq-browser-agent.com	m.highflyercasino.com
2	06913606-cc12-4bc8-8303-9e5b374a3fc5.snippet.antillephone.com	m.highflyercasino.com
2	www.googleoptimize.com	m.highflyercasino.com
2	www.googletagmanager.com	m.highflyercasino.com
2	assets.zuko.io	m.highflyercasino.com
1	rts-static-prod.freshworksapi.com	assetscdn-wchat.freshchat.com
1	images.ctfassets.net
1	www.google.de
1	www.google.com
1	stats.g.doubleclick.net	www.datadoghq-browser-agent.com
1	hfca.xyz	1 redirects
89	25

This site contains no links.

Subject Issuer	Validity	Valid
*.highflyercasino.com SSL.com RSA SSL subCA	`2020-08-20` - `2022-08-20`	2 years	crt.sh
zuko.io Amazon	`2021-08-12` - `2022-09-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.snippet.antillephone.com Starfield Secure Certificate Authority - G2	`2022-04-02` - `2023-05-04`	a year	crt.sh
www.gamingpartners.co.uk Go Daddy Secure Certificate Authority - G2	`2021-07-06` - `2022-08-07`	a year	crt.sh
*.datadoghq-browser-agent.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-17` - `2023-02-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.paymentiq.io Amazon	`2021-12-23` - `2023-01-21`	a year	crt.sh
*.logs.datadoghq.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-26` - `2023-04-26`	a year	crt.sh
*.freshchat.com Amazon	`2022-03-23` - `2023-04-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
cdn.contentful.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-12-24` - `2023-01-25`	a year	crt.sh
freshchat.com Amazon	`2021-07-13` - `2022-08-11`	a year	crt.sh
images.ctfassets.net Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
freshworksapi.com Amazon	`2022-01-03` - `2023-01-31`	a year	crt.sh
*.wchat.webpush.myfreshworks.com Amazon	`2021-07-21` - `2022-08-19`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10
Frame ID: AC9F4B57CF6E14031A251560DDECBD6B
Requests: 63 HTTP requests in this frame

Frame: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
Frame ID: CADDDBAA236B965238B5B62DCAF7D63C
Requests: 21 HTTP requests in this frame

Frame: https://29576747429889.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
Frame ID: 9253C94BD3825E490C8166B92767610D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

HighFlyerCasino.com

Page URL History Show full URLs

http://hfca.xyz/0js5 HTTP 302
https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10 Page URL
https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10 Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Freshchat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

wchat\.freshchat\.com/js/widget\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

89
Requests

93 %
HTTPS

56 %
IPv6

21
Domains

25
Subdomains

25
IPs

7
Countries

3569 kB
Transfer

12263 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://hfca.xyz/0js5 HTTP 302
https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10 Page URL
https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://hfca.xyz/0js5 HTTP 302
https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

89 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

mypromotions Show response
m.highflyercasino.com/mv2/
Redirect Chain

http://hfca.xyz/0js5
https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

5 KB
2 KB

684ms
605ms

Document
text/html

104.18.20.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.20.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cfe70d0841813b3f29d405cf0235ba568bd641ccec2710c2e9bc6c6ea7b1f50

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=360,stale-while-revalidate=420
cf-cache-status: DYNAMIC
cf-ray: 71d0e596f927912b-FRA
content-encoding: gzip
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
content-type: text/html
date: Sat, 18 Jun 2022 03:21:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 23 May 2022 08:55:40 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by
x-xss-protection: 1; mode=block

Redirect headers

Cache-Control: no-cache
Content-Length: 0
Content-Security-Policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Date: Sat, 18 Jun 2022 03:21:46 GMT
Expires: -1
Location: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10
Pragma: no-cache
Server
Strict-Transport-Security: max-age=31536000; includeSubdomains
X-AspNet-Version: 4.0.30319
X-Content-Type-Options: nosniff
X-Powered-By
X-Xss-Protection: 1; mode=block

GET
H2 200 client.min.js Show response
assets.zuko.io/js/v2/ 13 KB
5 KB 206ms
25ms Script
application/javascript 2600:9000:2016:9000:e:786e:9000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zuko.io/js/v2/client.min.js
Requested by: Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:9000:e:786e:9000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d385066575c705bf3921a518d5f48fcc1ba92d1171719f3a2930234be4304c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 02:23:23 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 09:59:40 GMT
server: AmazonS3
age: 3520
etag: W/"ca7021e8537e9709126e4601dcefddea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 84465451fc5898ca8155a82c8976074e.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: HA0z0tknEZ6qkAHtVDeDk7-zrZyrKrerLjAjcWTsU0jFLwFNzcIv2w==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 87ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-118703340-11

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5773626ddb9ef01730088dd1bd008fbbd2ffa62dcae850d5a71eb1fb32643baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39815
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Jun 2022 03:21:48 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 97 KB
38 KB 88ms
33ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KVK6HK2

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9aa0c0db7bb96280fd34ecb5a14e6cca99bd07e4b2483af47ba47b719a8f0c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38747
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Jun 2022 03:21:48 GMT

GET
H2 200 apg-seal.js Show response
06913606-cc12-4bc8-8303-9e5b374a3fc5.snippet.antillephone.com/ 3 KB
2 KB 252ms
82ms Script
text/javascript 2600:9000:2251:a000:2:7580:31c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://06913606-cc12-4bc8-8303-9e5b374a3fc5.snippet.antillephone.com/apg-seal.js

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:a000:2:7580:31c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

977a5351b70646f24a14c35c55740c8ac5342012e9fe3a43cdbf63919cba1c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-amz-cf-pop: FRA60-P3
x-powered-by: Express
x-cache: Miss from cloudfront
server: cloudflare
etag: W/"dcb-TZG9kEBgznPEvROQvta09Q+NKx0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/javascript; charset=utf-8
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
cache-control: max-age=300
cf-ray: 71d0e59bfd145b6e-FRA
x-amz-cf-id: Fl_XfxKSUsAlnG403s2VxqDns-9XFUoJxlUWvRRDXTCJTTJesBaDCg==

GET
H2 200 6e9ejyx6h Show response
www.gamingpartners.co.uk/scripts/ 31 KB
7 KB 517ms
34ms Script
application/javascript 91.201.28.211
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gamingpartners.co.uk/scripts/6e9ejyx6h

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.201.28.211 , Slovakia, ASN203480 (QUALITYUNIT, SK),

Reverse DNS

Software

nginx /

Resource Hash

66f97a0d7be0e3638392e31e4dc62547e6151b4c15030373fe5034af50e4b5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-srv: 2
age: 27
vary: Accept-Encoding
content-length: 7215
last-modified: Thu, 21 Apr 2022 09:02:10 GMT
server: nginx
etag: "7cf4-5dd265d750880"
strict-transport-security: max-age=31536000
x-varnish: 24212103 26512436
via: 1.1 varnish (1.lb-app.pap.ws-eu)
cache-control: max-age=120
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 18 Jun 2022 03:23:21 GMT

GET
H2 200 datadog-rum-us.js Show response
www.datadoghq-browser-agent.com/ 64 KB
21 KB 180ms
17ms Script
application/javascript 18.66.248.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Requested by: Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-223.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:14 GMT
content-encoding: br
last-modified: Mon, 19 Jul 2021 12:21:10 GMT
server: AmazonS3
age: 35
etag: W/"20e006a0c5730657dae04bb52a46d540"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: bMxk5cNs6uxx2PNTl7iw2DpXRr_nQx7Zm6lTmGf2IZbwiHQOqRO8hg==

GET
H2 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
1 KB 69ms
25ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 699127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 382
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-50a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VcxfmistvZxEK2kHSch%2BxvVNFghkwgup%2F3p%2FHqlQtp5QqqTFSge%2BIjWP3AUCqBbwWdNCmLGy9x2Ucx%2B%2BnXC1GR2UbVTDkkxtMFRP%2FQcDRABaa8RG4k4WTKrw%2BzqjkZe4%2F5qk8K30%2BGE%2FxjyJaLrKe6U"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71d0e59b1c869201-FRA
expires: Thu, 08 Jun 2023 03:21:48 GMT

GET
H2 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
961 B 71ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 2013220
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 637
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-92d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KNx34uuieGHfTfb2Dqo2Y3%2BWgVz5nd7%2Fbt%2Bq%2F68sCHhGTthMg7%2Fehlz%2BqzRKwmvkQei%2FrGmOYddk%2FC%2ForYJsXkWKXfQgIFoCdGi5An89MvKOaK2UYQ66NsM22B0QcFjGvoWF5FguHdvHu1VN66iF8nAh"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71d0e59b1c879201-FRA
expires: Thu, 08 Jun 2023 03:21:48 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 168 KB
55 KB 116ms
59ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAm5PRubIhWvEsDJDETqM11l-jzXONCQyg&libraries=places

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

4f134846c31b01ed11d85972d39def5e7f220e815c980f692ef6e4fcd7f3c470

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=23
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56311
x-xss-protection: 0
expires: Sat, 18 Jun 2022 03:51:48 GMT

GET
H2 200 main.9bbd3307.css
m.highflyercasino.com/mv2/static/css/ 6 KB
2 KB 612ms
610ms Stylesheet
text/css 104.18.20.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.highflyercasino.com/mv2/static/css/main.9bbd3307.css

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.20.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc2fa540a35bf9afe5f1928209f18ca81cf837cb12f22185d7c04df94afe5535

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1934
x-xss-protection: 1; mode=block
last-modified: Fri, 20 May 2022 15:40:32 GMT
server: cloudflare
etag: "0587ff05f6cd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
accept-ranges: bytes
cf-ray: 71d0e59addc6912b-FRA
expires: Sat, 18 Jun 2022 07:21:48 GMT

GET
H2 200 main.b69d6a88.js Show response
m.highflyercasino.com/mv2/static/js/ 3 MB
1 MB 614ms
612ms Script
application/x-javascript 104.18.20.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.highflyercasino.com/mv2/static/js/main.b69d6a88.js

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.20.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd762b26d1a73e7dd9d3c641c41569d2d3aa3900d488c25fa422ae1f2b71727c

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Mon, 23 May 2022 08:55:40 GMT
server: cloudflare
etag: "86d8fbe0826ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
cf-ray: 71d0e59addc9912b-FRA
expires: Sat, 18 Jun 2022 07:21:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 69ms
19ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118703340-11

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1961
date: Sat, 18 Jun 2022 02:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 18 Jun 2022 04:49:07 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 82ms
38ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAm5PRubIhWvEsDJDETqM11l-jzXONCQyg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://m.highflyercasino.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

POST
H3 200 collect
www.google-analytics.com/j/ 2 B
22 B 150ms
97ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1610918363&t=pageview&_s=1&dl=https%3A%2F%2Fm.highflyercasino.com%2Fmv2%2Fmypromotions%3Flogin_name%3Dkaishu10&ul=en-us&de=UTF-8&dt=HighFlyerCasino.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=229249901&gjid=1461020789&cid=1410910427.1655522509&tid=UA-118703340-11&_gid=1505589134.1655522509&_r=1&gtm=2ou6f0&z=2033037911

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.highflyercasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Jun 2022 03:21:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://m.highflyercasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ 28 KB
2 KB 108ms
53ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/static/css/main.9bbd3307.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef073d0feeec0a92889b9589b299eec93cc6d85c6c45869ff8ae145186cb7f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 01:23:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 18 Jun 2022 03:21:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Jun 2022 03:21:48 GMT

OPTIONS
H2 204 InsertWebVisitor
cookies.highflyercasino.com/api/Tracker/ Frame 0
0 558ms
495ms Preflight 104.18.21.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookies.highflyercasino.com/api/Tracker/InsertWebVisitor?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.21.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-site-name
Access-Control-Request-Method: POST
Origin: https://m.highflyercasino.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-site-name
access-control-allow-methods: POST
access-control-allow-origin: https://m.highflyercasino.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71d0e5a12e199bda-FRA
date: Sat, 18 Jun 2022 03:21:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

GET
H2 200 6e9eryx6h
www.gamingpartners.co.uk/scripts/ 66 B
453 B 33ms
33ms Script
application/x-javascript 91.201.28.211
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gamingpartners.co.uk/scripts/6e9eryx6h?accountId=default1&url=S_m.highflyercasino.com%2Fmv2%2Fmypromotions&referrer=&isInIframe=false&getParams=%3Flogin_name%3Dkaishu10&anchor=
Requested by: Host: www.gamingpartners.co.uk
URL: https://www.gamingpartners.co.uk/scripts/6e9ejyx6h
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.201.28.211 , Slovakia, ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-type: application/octet-stream, application/x-javascript
content-length: 66
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET ff-sw.js
m.highflyercasino.com/mv2/ 0
0

GET
H/1.1 200 100110005
api.paymentiq.io/paymentiq/api/viq/jscardencrypter/ 52 KB
17 KB 193ms
54ms Script
application/javascript 13.248.200.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.paymentiq.io/paymentiq/api/viq/jscardencrypter/100110005
Requested by: Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/static/js/main.b69d6a88.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.200.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a919daa9564471cec.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:49 GMT
content-encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
vary: accept-encoding
Content-Type: application/javascript;charset=utf-8

POST InsertWebVisitor
cookies.highflyercasino.com/api/Tracker/ 0
0

GET
H3 200 Primary Request login Show response
m.highflyercasino.com/mv2/ 5 KB
2 KB 611ms
610ms Document
text/html 104.18.20.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/static/js/main.b69d6a88.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1cfe70d0841813b3f29d405cf0235ba568bd641ccec2710c2e9bc6c6ea7b1f50

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.highflyercasino.com/mv2/mypromotions?login_name=kaishu10
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=360,stale-while-revalidate=420
cf-cache-status: DYNAMIC
cf-ray: 71d0e5a0d817923b-FRA
content-encoding: gzip
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
content-type: text/html
date: Sat, 18 Jun 2022 03:21:49 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Mon, 23 May 2022 08:55:40 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-powered-by
x-xss-protection: 1; mode=block

POST
H2 200 pub1950a667ace0e27173095aa9c7591476
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
126 B 412ms
158ms Ping
application/json 2600:1f18:24e6:b900:8e19:7817:863:c961
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub1950a667ace0e27173095aa9c7591476?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cservice%3Afirefly%2Cversion%3A12.55.4&batch_time=1655522508919
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:8e19:7817:863:c961 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://m.highflyercasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 18 Jun 2022 03:21:49 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1610918363&t=screenview&_s=2&cd=mypromotions&dl=https%3A%2F%2Fm.highflyercasino.com%2Fmv2%2Fmypromotions%3Flogin_name%3Dkaishu10&ul=en-us&de=UTF-8&dt=HighFlyerCasino.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEBAAUABAAAAAC~&jid=&gjid=&cid=1410910427.1655522509&tid=UA-118703340-11&_gid=1505589134.1655522509&gtm=2ou6f0&z=935199696

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84699
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget.js
wchat.freshchat.com/js/ 55 KB
17 KB 443ms
212ms Script
application/javascript 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/static/js/main.b69d6a88.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:49 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: ff1ee4cc-5531-4011-b0c6-2e9527678ce6
x-trace-id: 00-e5ce01d07bbad32412e03acbbe175f93-44eaa1f31a2f77b0-00
served-by: 2601
last-modified: Tue, 14 Jun 2022 07:36:16 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 2601
Content-Type: application/javascript

POST
H2 200 collect
stats.g.doubleclick.net/j/ 4 B
446 B 84ms
29ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-118703340-11&cid=1410910427.1655522509&jid=229249901&gjid=1461020789&_gid=1505589134.1655522509&_u=YEBAAUAAAAAAAC~&z=1747789156

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.highflyercasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 18 Jun 2022 03:21:48 GMT
content-type: text/plain
access-control-allow-origin: https://m.highflyercasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 145ms
57ms Image
image/gif 2a00:1450:401b:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-118703340-11&cid=1410910427.1655522509&jid=229249901&_u=YEBAAUAAAAAAAC~&z=2086995078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:401b:802::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Jun 2022 03:21:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 88ms
32ms Image
image/gif 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-118703340-11&cid=1410910427.1655522509&jid=229249901&_u=YEBAAUAAAAAAAC~&z=2086995078

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Jun 2022 03:21:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 0.aa3e9487.chunk.js
m.highflyercasino.com/mv2/static/js/ 0
0

GET 10.ffc3276a.chunk.js
m.highflyercasino.com/mv2/static/js/ 0
0

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 71ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.highflyercasino.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 399911
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:16:38 GMT

POST pub1950a667ace0e27173095aa9c7591476
rum-http-intake.logs.datadoghq.com/v1/input/ 0
0

GET
H2 200 client.min.js Show response
assets.zuko.io/js/v2/ 13 KB
5 KB 30ms
28ms Script
application/javascript 2600:9000:2016:9000:e:786e:9000:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.zuko.io/js/v2/client.min.js
Requested by: Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2016:9000:e:786e:9000:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1d385066575c705bf3921a518d5f48fcc1ba92d1171719f3a2930234be4304c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 02:23:23 GMT
content-encoding: gzip
last-modified: Wed, 08 Jun 2022 09:59:40 GMT
server: AmazonS3
age: 3521
etag: W/"ca7021e8537e9709126e4601dcefddea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 84465451fc5898ca8155a82c8976074e.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: iXwX-EDQ1zcQhZb3d2de3e1za-9lVSXLuar09OXp7KeqJ2Bt32KcPQ==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 101 KB
39 KB 79ms
33ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-118703340-11

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

042190f75f291b1ec7eeb7aed61985294b5f8a45e408eb5833a576d8eab9973f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39811
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Jun 2022 03:21:49 GMT

GET
H3 200 optimize.js Show response
www.googleoptimize.com/ 97 KB
38 KB 82ms
35ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-KVK6HK2

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9aa0c0db7bb96280fd34ecb5a14e6cca99bd07e4b2483af47ba47b719a8f0c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:49 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38747
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 03:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Jun 2022 03:21:49 GMT

GET
H2 200 apg-seal.js Show response
06913606-cc12-4bc8-8303-9e5b374a3fc5.snippet.antillephone.com/ 3 KB
2 KB 38ms
36ms Script
text/javascript 2600:9000:2251:a000:2:7580:31c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://06913606-cc12-4bc8-8303-9e5b374a3fc5.snippet.antillephone.com/apg-seal.js

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2251:a000:2:7580:31c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare / Express

Resource Hash

977a5351b70646f24a14c35c55740c8ac5342012e9fe3a43cdbf63919cba1c8f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:48 GMT
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
age: 1
x-powered-by: Express
x-cache: Hit from cloudfront
server: cloudflare
etag: W/"dcb-TZG9kEBgznPEvROQvta09Q+NKx0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15724800; includeSubDomains
content-type: text/javascript; charset=utf-8
via: 1.1 6fc439c8bc0a64a7ab978ce699795274.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-pop: FRA60-P3
cf-ray: 71d0e59bfd145b6e-FRA
x-amz-cf-id: cw8bHC5_gg7fhH4GZiu6I62TaLyeRm234ZztCpTeO9Au-3lQqmfLJw==

GET
H2 200 6e9ejyx6h Show response
www.gamingpartners.co.uk/scripts/ 31 KB
7 KB 39ms
37ms Script
application/javascript 91.201.28.211
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gamingpartners.co.uk/scripts/6e9ejyx6h

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.201.28.211 , Slovakia, ASN203480 (QUALITYUNIT, SK),

Reverse DNS

Software

nginx /

Resource Hash

66f97a0d7be0e3638392e31e4dc62547e6151b4c15030373fe5034af50e4b5c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-srv: 2
age: 28
vary: Accept-Encoding
content-length: 7215
last-modified: Thu, 21 Apr 2022 09:02:10 GMT
server: nginx
etag: "7cf4-5dd265d750880"
strict-transport-security: max-age=31536000
x-varnish: 25601314 26512436
via: 1.1 varnish (1.lb-app.pap.ws-eu)
cache-control: max-age=120
accept-ranges: bytes
content-type: application/javascript
expires: Sat, 18 Jun 2022 03:23:21 GMT

GET
H2 200 datadog-rum-us.js Show response
www.datadoghq-browser-agent.com/ 64 KB
21 KB 33ms
31ms Script
application/javascript 18.66.248.223
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Requested by: Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.223 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-223.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:14 GMT
content-encoding: br
last-modified: Mon, 19 Jul 2021 12:21:10 GMT
server: AmazonS3
age: 36
etag: W/"20e006a0c5730657dae04bb52a46d540"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
cache-control: max-age=14400, s-maxage=60
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: bEkRy0AWwj0sH4UENexHaCkmuUhDH3GlvMziqt1HlEd30Z_8vHs2gg==

GET
H3 200 slick.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 1 KB
1 KB 57ms
27ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick.min.css

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 9457596
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 382
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-50a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WPIvfHGdj4Ma3T16%2FEGILZMmyQR2CnKMfrP2RJEXetL%2B2ERNEx%2FHh%2BdOqUb%2BG0QsW9dOB9Dx%2FA0WhsuWiO1Uc8iuqzHTys%2B8tDYdDeXulr41eQhHM%2FSWGl05JNdaVNxWjzSY6qfrjVZKCV%2FxQPCRdCik"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71d0e5a4eeb39131-FRA
expires: Thu, 08 Jun 2023 03:21:49 GMT

GET
H3 200 slick-theme.min.css
cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/ 2 KB
1 KB 56ms
26ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/slick-carousel/1.6.0/slick-theme.min.css

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:49 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 103029
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 637
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:16:21 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fd5-92d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n1J7dZl8BTB8swTJYWhkBrH49YTAocNBnYfJQh8fgH5sZQlqrmHpJkE4CW46MxTwMbdareL%2BUUXO6DvgkwFNW8bJ%2BS4eib3jXiiTLyJ%2Bhr%2B1ekm%2BoL7oQmFikqt0AfDB33ga4kz8LqnoYKFNJ%2Biwi1Ka"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71d0e5a4eeb29131-FRA
expires: Thu, 08 Jun 2023 03:21:49 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 168 KB
55 KB 344ms
43ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyAm5PRubIhWvEsDJDETqM11l-jzXONCQyg&libraries=places

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

4f134846c31b01ed11d85972d39def5e7f220e815c980f692ef6e4fcd7f3c470

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:49 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=12
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56311
x-xss-protection: 0
expires: Sat, 18 Jun 2022 03:51:49 GMT

GET
H3 200 main.9bbd3307.css
m.highflyercasino.com/mv2/static/css/ 6 KB
2 KB 645ms
644ms Stylesheet
text/css 104.18.20.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.highflyercasino.com/mv2/static/css/main.9bbd3307.css

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc2fa540a35bf9afe5f1928209f18ca81cf837cb12f22185d7c04df94afe5535

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1609
x-xss-protection: 1; mode=block
last-modified: Fri, 20 May 2022 15:40:32 GMT
server: cloudflare
etag: "0587ff05f6cd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
accept-ranges: bytes
cf-ray: 71d0e5a4fac0923b-FRA
expires: Sat, 18 Jun 2022 07:21:50 GMT

GET
H3 200 main.b69d6a88.js Show response
m.highflyercasino.com/mv2/static/js/ 3 MB
843 KB 760ms
759ms Script
application/x-javascript 104.18.20.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.highflyercasino.com/mv2/static/js/main.b69d6a88.js

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd762b26d1a73e7dd9d3c641c41569d2d3aa3900d488c25fa422ae1f2b71727c

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 862418
x-xss-protection: 1; mode=block
last-modified: Mon, 23 May 2022 08:55:40 GMT
server: cloudflare
etag: "08e93e0826ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
accept-ranges: bytes
cf-ray: 71d0e5a4ca9d923b-FRA
expires: Sat, 18 Jun 2022 07:21:50 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-118703340-11

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1962
date: Sat, 18 Jun 2022 02:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 18 Jun 2022 04:49:07 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 30ms
30ms XHR
application/json 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAm5PRubIhWvEsDJDETqM11l-jzXONCQyg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://m.highflyercasino.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1654659710&t=pageview&_s=1&dl=https%3A%2F%2Fm.highflyercasino.com%2Fmv2%2Flogin%3FreturnRoute%3Dmypromotions%3Flogin_name%3Dkaishu10&ul=en-us&de=UTF-8&dt=HighFlyerCasino.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAUAB~&jid=&gjid=&cid=1410910427.1655522509&tid=UA-118703340-11&_gid=1505589134.1655522509&gtm=2ou6f0&z=102849186

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84700
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css2
fonts.googleapis.com/ 28 KB
1 KB 77ms
31ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/static/css/main.9bbd3307.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ef073d0feeec0a92889b9589b299eec93cc6d85c6c45869ff8ae145186cb7f28

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 18 Jun 2022 03:04:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 18 Jun 2022 03:21:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Jun 2022 03:21:50 GMT

OPTIONS
H3 204 InsertWebVisitor
cookies.highflyercasino.com/api/Tracker/ Frame 0
0 676ms
612ms Preflight 104.18.21.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookies.highflyercasino.com/api/Tracker/InsertWebVisitor?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.21.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-site-name
Access-Control-Request-Method: POST
Origin: https://m.highflyercasino.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-site-name
access-control-allow-methods: POST
access-control-allow-origin: https://m.highflyercasino.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 71d0e5afbfb35ca4-FRA
date: Sat, 18 Jun 2022 03:21:51 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
strict-transport-security: max-age=15724800; includeSubDomains
vary: Origin

GET
H2 200 6e9eryx6h Show response
www.gamingpartners.co.uk/scripts/ 19 B
406 B 33ms
33ms Script
application/x-javascript 91.201.28.211
QUALITYUNIT

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gamingpartners.co.uk/scripts/6e9eryx6h?visitorId=5fmGJhgwYC32omOKxaUcKoM84clxZcaI&accountId=default1&tracking=1&url=S_m.highflyercasino.com%2Fmv2%2Flogin&referrer=S_m.highflyercasino.com%2Fmv2%2Fmypromotions%3Flogin_name%3Dkaishu10&isInIframe=false&getParams=%3FreturnRoute%3Dmypromotions&anchor=
Requested by: Host: www.gamingpartners.co.uk
URL: https://www.gamingpartners.co.uk/scripts/6e9ejyx6h
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 91.201.28.211 , Slovakia, ASN203480 (QUALITYUNIT, SK),
Reverse DNS
Software: nginx /
Resource Hash: 622aa050f0d004b41dd00cea283103050d88abf66b93503997aaad9c2cb44945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:51 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
server: nginx
content-type: application/octet-stream, application/x-javascript
content-length: 19
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 ff-sw.js Show response
m.highflyercasino.com/mv2/ 285 B
714 B 31ms
30ms Fetch
application/x-javascript 104.18.20.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.highflyercasino.com/mv2/ff-sw.js?version=12.55.4-master

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d057a2a7abbf79f04eb3b7efb288623255d5b4d6c3ffe31f87212ca32fd49a9

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 295
x-xss-protection: 1; mode=block
last-modified: Fri, 20 May 2022 15:40:36 GMT
server: cloudflare
etag: "0b2e1f25f6cd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
accept-ranges: bytes
cf-ray: 71d0e5af58fc923b-FRA
expires: Sat, 18 Jun 2022 07:21:51 GMT

GET
H/1.1 200 100110005 Show response
api.paymentiq.io/paymentiq/api/viq/jscardencrypter/ 52 KB
17 KB 53ms
52ms Script
application/javascript 13.248.200.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.paymentiq.io/paymentiq/api/viq/jscardencrypter/100110005
Requested by: Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/static/js/main.b69d6a88.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.200.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a919daa9564471cec.awsglobalaccelerator.com
Software: /
Resource Hash: 0734697543bd694d6f0e1fb7c141866fcb21d2a0514b48c215c9eec2c6e8dfc8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:51 GMT
content-encoding: gzip
Transfer-Encoding: chunked
Connection: keep-alive
vary: accept-encoding
Content-Type: application/javascript;charset=utf-8

POST
H3 200 InsertWebVisitor Show response
cookies.highflyercasino.com/api/Tracker/ 0
580 B 615ms
615ms XHR
text/plain 104.18.20.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookies.highflyercasino.com/api/Tracker/InsertWebVisitor?returnRoute=mypromotions?login_name=kaishu10

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept: application/json, text/plain, */*
x-site-name: HighFlyerCasino
Referer: https://m.highflyercasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 18 Jun 2022 03:21:52 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
access-control-allow-origin: https://m.highflyercasino.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
cf-ray: 71d0e5b39b67923b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
21ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1654659710&t=screenview&_s=2&cd=login&dl=https%3A%2F%2Fm.highflyercasino.com%2Fmv2%2Flogin%3FreturnRoute%3Dmypromotions%3Flogin_name%3Dkaishu10&ul=en-us&de=UTF-8&dt=HighFlyerCasino.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=SACAAUAB~&jid=&gjid=&cid=1410910427.1655522509&tid=UA-118703340-11&_gid=1505589134.1655522509&gtm=2ou6f0&z=1484858358

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 17 Jun 2022 03:50:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 84702
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget.js Show response
wchat.freshchat.com/js/ 55 KB
17 KB 109ms
109ms Script
application/javascript 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/widget.js

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/static/js/main.b69d6a88.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

b07907a9874e59df58448f4daba3df53b43c6339ec6f610b458aa660f50630ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:51 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: f11c1f2a-daaa-400d-be9f-f00bd90a0f7f
x-trace-id: 00-108e953381faf21b2b7341bc93c0279f-2019cb7d548857e2-00
served-by: 2601
last-modified: Tue, 14 Jun 2022 07:36:16 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 2601
Content-Type: application/javascript

GET
H3 200 81.e8bc099e.chunk.js Show response
m.highflyercasino.com/mv2/static/js/ 23 KB
9 KB 608ms
608ms Script
application/x-javascript 104.18.20.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://m.highflyercasino.com/mv2/static/js/81.e8bc099e.chunk.js

Requested by

Host: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/static/js/main.b69d6a88.js

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b324629f8466abd3dee4648ed22f2596b37c636e54607e2075faf51346f56a3

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8600
x-xss-protection: 1; mode=block
last-modified: Mon, 23 May 2022 08:55:37 GMT
server: cloudflare
etag: "591a23df826ed81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
accept-ranges: bytes
cf-ray: 71d0e5b099b3923b-FRA
expires: Sat, 18 Jun 2022 07:21:52 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v29/ 44 KB
44 KB 65ms
21ms Font
font/woff2 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v29/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://m.highflyercasino.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:16:38 GMT
x-content-type-options: nosniff
age: 399913
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44800
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:25:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:16:38 GMT

POST
H2 200 pub1950a667ace0e27173095aa9c7591476
rum-http-intake.logs.datadoghq.com/v1/input/ 2 B
125 B 236ms
235ms Ping
application/json 2600:1f18:24e6:b900:8e19:7817:863:c961
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub1950a667ace0e27173095aa9c7591476?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cservice%3Afirefly%2Cversion%3A12.55.4&batch_time=1655522511543
Requested by: Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:24e6:b900:8e19:7817:863:c961 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://m.highflyercasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 18 Jun 2022 03:21:51 GMT
cross-origin-resource-policy: cross-origin
content-length: 2
content-type: application/json

GET
H/1.1 200
OK / Show response
wchat.freshchat.com/widget/ Frame CADD 5 KB
3 KB 219ms
110ms Document
text/html 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

b9ae1cd1a58e44d7fb05315ed87fab804cd0ea20a3f3325683cdca947b569824

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Referer: https://m.highflyercasino.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Type: text/html
Date: Sat, 18 Jun 2022 03:21:52 GMT
Transfer-Encoding: chunked
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
content-encoding: gzip
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
last-modified: Tue, 14 Jun 2022 07:36:16 GMT
served-by: 4082
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-envoy-upstream-service-time: 0
x-fw-ratelimiting-managed: false
x-request-id: fb3644a0-33ab-4895-828c-9a5253a0a302
x-server: 4082
x-trace-id: 00-f23ae9b0a0b04cbf98fc4415da227dec-dffcd45f905670b0-00
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK widget.css
wchat.freshchat.com/css/ 7 KB
2 KB 109ms
108ms Stylesheet
text/css 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/widget.css?t=1655522511970

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

d6999d7c9851d2686eb5ac16623f1c94a1a3c0d67fed5f8320d0c25ba26c3a7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:52 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: d743852b-f8c9-4f62-9e45-3d40ae58d795
x-trace-id: 00-f9d76b7831a9c6485f246df2ef9f1434-8d40993110b9bdc6-00
served-by: 2601
last-modified: Tue, 14 Jun 2022 07:36:16 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 2601
Content-Type: text/css
expires: Sun, 18 Jun 2023 03:21:52 GMT

GET
H3 200 logo.67ea9329.svg
m.highflyercasino.com/mv2/static/media/ 26 KB
11 KB 608ms
607ms Image
image/svg+xml 104.18.20.172
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.highflyercasino.com/mv2/static/media/logo.67ea9329.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.20.172 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d94e821024db6e11896d0d97630c8d9fc82ce7920dc9a6e8d54e55bfd3aba66

Security Headers

Name	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/mv2/login?returnRoute=mypromotions?login_name=kaishu10
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: MISS
x-powered-by
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10895
x-xss-protection: 1; mode=block
last-modified: Fri, 20 May 2022 15:31:50 GMT
server: cloudflare
etag: "0775cb95e6cd81:0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=14400
content-security-policy: default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
accept-ranges: bytes
cf-ray: 71d0e5b4ac0d923b-FRA
expires: Sat, 18 Jun 2022 07:21:52 GMT

GET
H2 200 entries Show response
cdn.contentful.com/spaces/dzysonrl624y/environments/master/ 1 MB
164 KB 25ms
24ms XHR
application/vnd.contentful.delivery.v1+json 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/dzysonrl624y/environments/master/entries?content_type=regLoginImage&include=10

Requested by

Host: www.datadoghq-browser-agent.com
URL: https://www.datadoghq-browser-agent.com/datadog-rum-us.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

4d902c92812b0a51ca978603142c79344146a2a0d166fd97c2419e3cf3b1572c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://m.highflyercasino.com/
Authorization: Bearer a727d714c13bd6451a40a911ec9d950e824535bda0c5238d7162dcc9d517a1c4
accept-language: de-DE,de;q=0.9
X-Contentful-User-Agent: sdk contentful.js/0.0.0-determined-by-semantic-release; platform browser; os Windows;
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
contentful-cache: HIT
contentful-api: cda
age: 236430
cf-organization-id: 12WzmHmQ1zfsaneY14dgnE
cf-environment-uuid: 5f7524d3-8a00-4cb3-9f69-a27a3eb7c127
x-cache: HIT
cf-space-id: dzysonrl624y
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature
content-length: 167672
x-served-by: cache-ewr18150-EWR, cache-hhn4043-HHN
x-contentful-request-id: 7df48869-2397-4a33-b755-cc4c84d1dfb7
server: Contentful
x-timer: S1655522512.289110,VS0,VE2
etag: W/"3562733826665770251"
access-control-max-age: 86400
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: application/vnd.contentful.delivery.v1+json
via: 1.1 varnish, 1.1 varnish
access-control-expose-headers: Etag
accept-ranges: bytes
access-control-allow-origin: *
cf-environment-id: master
x-contentful-route: /spaces/:space/environments/:environment/entries
x-contentful-region: us-east-1
x-cache-hits: 1, 1

OPTIONS
H2 204 entries
cdn.contentful.com/spaces/dzysonrl624y/environments/master/ Frame 0
0 183ms
105ms Preflight 151.101.114.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.contentful.com/spaces/dzysonrl624y/environments/master/entries?content_type=regLoginImage&include=10

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Contentful /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-contentful-user-agent
Access-Control-Request-Method: GET
Origin: https://m.highflyercasino.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: Accept,Accept-Language,Authorization,Cache-Control,Content-Length,Content-Range,Content-Type,DNT,Destination,Expires,If-Match,If-Modified-Since,If-None-Match,Keep-Alive,Last-Modified,Origin,Pragma,Range,User-Agent,X-Http-Method-Override,X-Mx-ReqToken,X-Requested-With,X-Contentful-Version,X-Contentful-Content-Type,X-Contentful-Organization,X-Contentful-Skip-Transformation,X-Contentful-User-Agent,X-Contentful-Enable-Alpha-Feature
access-control-allow-methods: GET,HEAD,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: Etag
access-control-max-age: 86400
age: 0
date: Sat, 18 Jun 2022 03:21:52 GMT
server: Contentful
via: 1.1 varnish, 1.1 varnish
x-cache: HIT
x-cache-hits: 10, 0
x-content-type-options: nosniff
x-contentful-region: us-east-1
x-contentful-request-id: 5d45cbc3-b83f-4b6b-b7b5-226298861a24
x-served-by: cache-ewr18157-EWR, cache-hhn4043-HHN
x-timer: S1655522512.179999,VS0,VE85

GET
H2 200 vendor.bd52f7d59d8335c4e4bb75788cab9d68.css
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 5 KB
2 KB 88ms
23ms Stylesheet
text/css 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.bd52f7d59d8335c4e4bb75788cab9d68.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c725a8b39a90b240c476e1f8c4737bcb47d002eb24ae560b011021d6a9178e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:17:38 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 07:36:21 GMT
server: AmazonS3
age: 257
etag: W/"bd52f7d59d8335c4e4bb75788cab9d68"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: NWLi4FzDHtZzVxfqXC3CpDXdicFqLT_Ar_repg1p3s2lqdMcvD3bFw==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H2 200 hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 0
410 B 91ms
26ms Stylesheet
text/css 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/hotline-web.d41d8cd98f00b204e9800998ecf8427e.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:18:53 GMT
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
last-modified: Mon, 06 Jun 2022 11:27:48 GMT
server: AmazonS3
age: 189
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 0
x-amz-cf-id: vr13mBMW8nrYoqfFxk6Ku4tmQm3GbNIzKKeOUd47tgMvYby9h4u4Aw==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H2 200 vendor.3474f8e0dcdb6126f26894076afa40d6.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 684 KB
181 KB 92ms
28ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:18:29 GMT
content-encoding: br
last-modified: Mon, 06 Jun 2022 11:27:49 GMT
server: AmazonS3
age: 218
etag: W/"3474f8e0dcdb6126f26894076afa40d6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: anHgSQR4yQwP_EkIYTioSCTye5D-S_7xVzcxkLJDpytyePSp7id0wg==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H2 200 generic-hf.png
images.ctfassets.net/dzysonrl624y/6Isxx8rozz8yGBBEsiUUYw/637efa9cc15a5225e1ce67423a856b06/ 72 KB
73 KB 292ms
220ms Image
image/png 2600:9000:225f:e800:12:94b3:c380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.ctfassets.net/dzysonrl624y/6Isxx8rozz8yGBBEsiUUYw/637efa9cc15a5225e1ce67423a856b06/generic-hf.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225f:e800:12:94b3:c380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Contentful Images API /
Resource Hash: edf7d2ad68a2b9aa001abf5936c997d5adf8eebc7d498b3e5bab75cea192e4ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 03:21:53 GMT
via: 1.1 2acbf2019107010c0ddc17d27100210c.cloudfront.net (CloudFront)
last-modified: Thu, 04 Mar 2021 07:14:54 GMT
server: Contentful Images API
x-amz-cf-pop: TXL50-P2
etag: "c78feb7c4d3431aac7896e293bcab03f"
x-cache: RefreshHit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 74076
x-amz-cf-id: h8UW_UtThS9jeU3z4qJj3FGUNZuYCbowMBOpGfF17j1T2oE3ZHs6aA==

GET
H2 200 5499.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 761 KB
176 KB 23ms
23ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/5499.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 214cbdc2ea11a16a93886f0740150705701cd56f0fba9b1cf6877db85d651e42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:18:29 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 07:36:18 GMT
server: AmazonS3
age: 211
etag: W/"c76b5e6fc14a43d21904407d1b3ad5dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: JrNHI_Tb9P8n42N4axVYRdDyGB-EdNNoc_MRnETCQy0X5m-xTF6Omw==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H2 200 chunk.87161e155f635521f424.css
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 221 KB
24 KB 24ms
23ms Stylesheet
text/css 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.87161e155f635521f424.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 695f84cc72df6f482a4d51af7ffa0a2475c71c334790d1f44849206f5bff473d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:17:45 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 07:36:19 GMT
server: AmazonS3
age: 254
etag: W/"26e5f72343020a88d2e5fb66f43ceadb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: T_85QXmf6_pKNLoHaulZHc9L3Vi_SUhQr8J6D0mHRrsZ0Mz8m0Qc0Q==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H2 200 fd-messaging.41a280ac0b6dc52adcf7.css
assetscdn-wchat.freshchat.com/static/ Frame CADD 221 KB
24 KB 24ms
24ms Stylesheet
text/css 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/fd-messaging.41a280ac0b6dc52adcf7.css
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 695f84cc72df6f482a4d51af7ffa0a2475c71c334790d1f44849206f5bff473d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:21:30 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 07:36:21 GMT
server: AmazonS3
age: 25
etag: W/"26e5f72343020a88d2e5fb66f43ceadb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: SB4MnmydLAtCrD9vH6yDMEyT67HrngMdmpVWGSBJCRsiGWy8KWyXLg==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H2 200 fd-messaging.d8dd0fc04f0f1fcf87fe.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 671 KB
119 KB 23ms
23ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.d8dd0fc04f0f1fcf87fe.js
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db5f869157b47266d1a5496f5a33d5accb62e4b7c2f3e98930c525b7c7a24046

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:19:11 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 07:36:20 GMT
server: AmazonS3
age: 162
etag: W/"429d397a8a2da79f77b8a509c7c46b2b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: ViOb867NyaqrJ2yTYkZb8-8wz01T8Uy_lIWFlrH5L3SmBUitLbG0rA==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H2 200 rts-min.js Show response
rts-static-prod.freshworksapi.com/us/ Frame CADD 81 KB
25 KB 88ms
23ms Script
text/javascript 143.204.89.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rts-static-prod.freshworksapi.com/us/rts-min.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.d8dd0fc04f0f1fcf87fe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-79.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6bf2de7367fea30caf8ad2c9a806cc1ce7fc6bba3c44ac76d0ce4b0a91cbfd2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-version-id: irdz2v8UunIESGnLDxBbpJr42udkrOVj
content-encoding: gzip
etag: W/"34f7adb1c015d38a6973e40dd0ed5538"
last-modified: Mon, 13 Jun 2022 13:12:40 GMT
server: AmazonS3
age: 4
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 5721f7035c3fc934bd3f96dbb04ba1e4.cloudfront.net (CloudFront)
cache-control: no-cache
date: Sat, 18 Jun 2022 03:21:49 GMT
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: eO_sVxllq8-xmBm11AU0KDTPY9Xwtad6hSEKt8aTXzt8z-ePBGD8yw==

GET
H2 200 chunk.9b3502d809fa1f5069f6.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 4 KB
2 KB 23ms
23ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.9b3502d809fa1f5069f6.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.d8dd0fc04f0f1fcf87fe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fd94ecca9988977ff92ff315251299c678d8d42d1bb8af07414a6f6d6977dde0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:17:24 GMT
content-encoding: br
last-modified: Mon, 06 Jun 2022 11:27:47 GMT
server: AmazonS3
age: 270
etag: W/"f399d2552d695d2fe1f8fab74d6b60db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: ZqvUgFZWkx1AmCn98_7_rZvFobj8DimgfmBfzJs6554Mgu_hCDCALw==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H2 200 chunk.0fd1c696f89a43a0969f.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 10 KB
4 KB 23ms
23ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.0fd1c696f89a43a0969f.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.d8dd0fc04f0f1fcf87fe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ecb10ad4b65902e569c07a08771927dcbbc0c3fd94adbc0f835c084363c8c2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:21:15 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 07:36:18 GMT
server: AmazonS3
age: 39
etag: W/"570b242c9fe40dad727d52dafe879d2c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: -lyybmItkeWrtwzvKsGAuZofL8-9zv5WTpke8fwMgBMZguI1IF5MAw==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H/1.1 200
OK config Show response
wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/ Frame CADD 1 KB
2 KB 122ms
121ms XHR
application/json 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/config?domain=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

a6cc1136220d4ba4beacbe320887320ba07409e9f42f162517c4145f55007afb

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:52 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 11
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: b8446e5f-56af-452f-bb14-4f0b1da7f16a
x-trace-id: 00-7d38e4667666d3539ec60381060d97c7-b93b1326a6deca95-00
served-by: 4082
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2999
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4082
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK co-browsing.js Show response
wchat.freshchat.com/js/ 27 KB
9 KB 111ms
111ms Script
application/javascript 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/js/co-browsing.js

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

f24272b7e48977792ed400569e6a4941ef3580337fda59775021eb09272bc1dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:53 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 1
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: d0baecda-9678-4d45-a468-fbf1f1080253
x-trace-id: 00-0666c912dbfe1585c5e96071d9a7823c-ad77dc619737de9f-00
served-by: 2601
last-modified: Tue, 14 Jun 2022 07:36:16 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=900, must-revalidate
x-server: 2601
Content-Type: application/javascript

GET
H2 206 notif.da662fefc5060dabf2859ea199198b14.mp3
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 4 KB
5 KB 24ms
24ms Media
audio/mpeg 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/notif.da662fefc5060dabf2859ea199198b14.mp3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32

Request headers

Referer: https://wchat.freshchat.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 18 Jun 2022 03:21:15 GMT
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
age: 40
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-4301/4302
Content-Length: 4302
last-modified: Tue, 14 Jun 2022 07:36:20 GMT
server: AmazonS3
etag: "a529450a7cfb4a60dea41ef294fa90dd"
content-type: audio/mpeg
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: 5bzQGB8BwJ9XwBXWmhO_ef_NpYrn-QWiLWBOnihAVVQd--BKfoH5jQ==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H/1.1 200
OK user Show response
wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/ Frame CADD 63 B
1 KB 116ms
116ms XHR
application/json 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/user

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:53 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 5
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: e20170d8-1693-4759-86f0-c07b6c9a51b5
x-trace-id: 00-f72ba50a9a486edbd45c43d3bb26a5ef-0ea8f2ed988f1700-00
served-by: 5323
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2998
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 5323
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H/1.1 200
OK cb.css
wchat.freshchat.com/css/ 1 KB
1 KB 109ms
108ms Stylesheet
text/css 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/css/cb.css?t=1655522513185

Requested by

Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/co-browsing.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:53 GMT
content-encoding: gzip
Transfer-Encoding: chunked
x-envoy-upstream-service-time: 0
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: 2cc714fc-d35c-4e22-98cc-ce03a6e026bb
x-trace-id: 00-0d5e89f264d9a0531f5397859a08ac28-cf245947438c77bc-00
served-by: 6714
last-modified: Tue, 14 Jun 2022 07:36:16 GMT
server: fwe
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: false
cache-control: max-age=31536000,no-cache, no-store, must-revalidate, pre-check=0, post-check=0,public
x-server: 6714
Content-Type: text/css
expires: Sun, 18 Jun 2023 03:21:53 GMT

GET
H/1.1 200
OK widget_info_v2 Show response
wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/ Frame CADD 43 KB
7 KB 196ms
196ms XHR
application/json 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/widget_info_v2?locales=en-US,en-US&platform=web

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

bdfb1e656b802b8c23d6fd89d1567cffd49fc51054e636564dac48e604173f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:53 GMT
content-encoding: gzip
x-ratelimit-total: 3000
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 88
x-status: EXPIRED
Connection: keep-alive
x-xss-protection: 1; mode=block
x-request-id: a71eed14-7916-470c-aa66-29f58ffd2aa8
x-trace-id: 00-aa418fa961812ebcd08f6c95ead707e4-a49234f224d42c80-00
served-by: 4082
server: fwe
x-ratelimit-remaining: 2997
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 4082
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 chunk.36a21e24d85354e92af9.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 53 KB
13 KB 23ms
23ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.36a21e24d85354e92af9.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.d8dd0fc04f0f1fcf87fe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6a42501322528b9bef53841dde1efa028f6742cabc411c375e70005233f7792b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:19:22 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 07:36:19 GMT
server: AmazonS3
age: 170
etag: W/"399320f845407ed86ce5a78dca0f26ea"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: Le3noYyIXWryEWrX_9lVRq5XBbTfeFw_8eWV235XYa1LGV6_dR1eSg==
expires: Wed, 14 Jun 2023 07:36:16 GMT

PUT
H/1.1 200
OK activity Show response
wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/user/a61c137b-cdf6-42fa-a9f6-ce6f72ab7289/ Frame CADD 17 B
1 KB 110ms
110ms XHR
application/json 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/user/a61c137b-cdf6-42fa-a9f6-ce6f72ab7289/activity

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/5499.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-ratelimit-total: 3000
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 2
Connection: keep-alive
Content-Length: 17
x-xss-protection: 1; mode=block
x-request-id: 19962ddf-a273-400b-bf6b-a47555a565f5
x-trace-id: 00-964ff3c97c91ac393fc9932b9ab67879-2bfe1f4eea6eb0cd-00
served-by: 2601
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2996
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 2601
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
H2 200 index.html Show response
29576747429889.webpush.freshchat.com/ Frame 9253 30 KB
7 KB 487ms
422ms Document
text/html 143.204.89.95
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://29576747429889.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
Requested by: Host: wchat.freshchat.com
URL: https://wchat.freshchat.com/js/widget.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-95.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3

Request headers

Referer: https://m.highflyercasino.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html
date: Sat, 18 Jun 2022 03:21:54 GMT
etag: W/"4d98f93ebe4eb8cedbbfdb3004920aeb"
last-modified: Fri, 25 Oct 2019 06:53:38 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
x-amz-cf-id: ZAGX--GsDY1mMpVtB0GOAdIJhSe1pVd_ct_efMzITKord0s2IAONTQ==
x-amz-cf-pop: FRA50-C1
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

GET
H2 200 chunk.84caa053ae6d6dd299fb.js Show response
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 231 KB
40 KB 23ms
23ms Script
application/javascript 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/chunk.84caa053ae6d6dd299fb.js
Requested by: Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/fd-messaging.d8dd0fc04f0f1fcf87fe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: bff9aab4422f34bb5f3c08c4177d1d02f6b5195b28720b6948bbfa69faa2048c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:17:21 GMT
content-encoding: br
last-modified: Tue, 14 Jun 2022 07:36:19 GMT
server: AmazonS3
age: 284
etag: W/"8ff1863f1a36927cdea40b1907c4206a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 0Sw_G03npDW_omXvvBqs3Mkt636oG_24G3twp0RTbygmUHwBLjkLgg==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H/1.1 200
OK categories Show response
wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/omni/faq/ Frame CADD 81 B
1 KB 149ms
149ms XHR
application/json 34.236.232.170
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://wchat.freshchat.com/app/services/app/webchat/ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c/omni/faq/categories?per_page=100&platform=web&locale=en-us&page=1

Requested by

Host: assetscdn-wchat.freshchat.com
URL: https://assetscdn-wchat.freshchat.com/static/assets/vendor.3474f8e0dcdb6126f26894076afa40d6.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.236.232.170 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-236-232-170.compute-1.amazonaws.com

Software

fwe /

Resource Hash

8779ea02c05847c1209231f40c56422c447c523ba2b512a5f904cdd426f295ed

Security Headers

Name	Value
Content-Security-Policy	style-src 'unsafe-inline' ; font-src 'self' data:; img-src 'self' * data:; connect-src 'self' ; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://.freshchat.com https://.freshworksapi.com; child-src 'self' blob:; media-src 'self' https://.freshchat.com; manifest-src 'self' https://.freshchat.com; default-src 'none';
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://wchat.freshchat.com/widget/?token=ff750e32-9a19-4b5d-9bda-b72b0a9e0e3c&referrer=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Sat, 18 Jun 2022 03:21:53 GMT
content-encoding: gzip
x-ratelimit-total: 3000
x-b3-traceid: f67a89ea3c3c59caa0c7aab518e2a0d1
Transfer-Encoding: chunked
x-ratelimit-used-currentrequest: 1
x-envoy-upstream-service-time: 37
Connection: keep-alive
x-b3-spanid: 0f707d104d2ec533
x-xss-protection: 1; mode=block
x-request-id: 48545a7d-5964-4117-a50a-731ac2eba42b
x-trace-id: 00-c807a0216759ead3df9bf9a0323246ff-b005edac25bdefff-00, 00-c807a0216759ead3df9bf9a0323246ff-cb77bbb0d9a5ab07-00
served-by: 5323
x-fd-request-id: 1e0cd714-a3ff-4036-813f-78da885ed690
server: fwe
content-security-policy: style-src 'unsafe-inline' *; font-src 'self' * data:; img-src 'self' * data:; connect-src 'self' *; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.freshchat.com https://*.freshworksapi.com; child-src 'self' * blob:; media-src 'self' https://*.freshchat.com; manifest-src 'self' https://*.freshchat.com; default-src 'none';
x-ratelimit-remaining: 2995
strict-transport-security: max-age=31536000; includeSubDomains
x-fw-ratelimiting-managed: true
cache-control: no-cache,no-store,no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-server: 5323
x-ratelimit-limit: 3000
access-control-allow-credentials: true
Content-Type: application/json;charset=UTF-8

GET
BLOB 200
OK 1ded1d07-1dc7-44cd-b005-11931e120ac8
https://wchat.freshchat.com/ Frame CADD 152 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://wchat.freshchat.com/1ded1d07-1dc7-44cd-b005-11931e120ac8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a4bf2ab88acb880338e136abde96936d2b756f626d32b14e0ef5b30f81fc2c3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Length: 152

GET
H2 200 freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
assetscdn-wchat.freshchat.com/static/assets/ Frame CADD 663 B
1 KB 23ms
23ms Image
image/svg+xml 108.157.4.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assetscdn-wchat.freshchat.com/static/assets/freshchat-line.7327fc2a43ff6a857c38e96ffa7e00f2.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-91.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wchat.freshchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 18 Jun 2022 03:20:50 GMT
via: 1.1 021d8c03b9a9a9281489f9b9055209cc.cloudfront.net (CloudFront)
last-modified: Mon, 06 Jun 2022 11:27:48 GMT
server: AmazonS3
age: 77
etag: "cd452acf4efb05843ef7575e5a9de756"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000, no-transform, public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
content-length: 663
x-amz-cf-id: fa3FE30PLuh8LDy2RuUTPggJfFpdf2OGknhwHso4a11LiDQ13WSJrw==
expires: Wed, 14 Jun 2023 07:36:16 GMT

GET
H2 200 fc_logo.png
29576747429889.webpush.freshchat.com/ Frame 9253 4 KB
4 KB 20ms
20ms Image
image/png 143.204.89.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://29576747429889.webpush.freshchat.com/fc_logo.png
Requested by: Host: 29576747429889.webpush.freshchat.com
URL: https://29576747429889.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.89.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-89-95.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://29576747429889.webpush.freshchat.com/index.html?ref=aHR0cHM6Ly9tLmhpZ2hmbHllcmNhc2luby5jb20=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Sat, 18 Jun 2022 02:24:36 GMT
via: 1.1 a148356b14492df0e216c234ac2c2308.cloudfront.net (CloudFront)
last-modified: Thu, 08 Feb 2018 07:54:41 GMT
server: AmazonS3
age: 3438
etag: "e87df9f10dcf497ae292dc234200465c"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 3777
x-amz-cf-id: V85cnbXGXeTn5Hqu7mnvXpbWPI2_4YrwIK-7oWofZe65y-abSbMjmA==

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/ 82 KB
30 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAm5PRubIhWvEsDJDETqM11l-jzXONCQyg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4132f06e190df60f90a24b282db80d9de82bfd6758b9fda2cd5e290698720dab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30576
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 20:28:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 21:55:19 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/ 311 KB
92 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/49/5/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyAm5PRubIhWvEsDJDETqM11l-jzXONCQyg&libraries=places

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

026d5fc731996e725a1603c60b076d0126a4b5572185c3210288c4ac62794911

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.highflyercasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Wed, 15 Jun 2022 21:55:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 192395
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94114
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 20:28:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 15 Jun 2023 21:55:19 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/ff-sw.js?version=12.55.4-master

Domain: cookies.highflyercasino.com
URL: https://cookies.highflyercasino.com/api/Tracker/InsertWebVisitor?login_name=kaishu10

Domain: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/static/js/0.aa3e9487.chunk.js

Domain: m.highflyercasino.com
URL: https://m.highflyercasino.com/mv2/static/js/10.ffc3276a.chunk.js

Domain: rum-http-intake.logs.datadoghq.com
URL: https://rum-http-intake.logs.datadoghq.com/v1/input/pub1950a667ace0e27173095aa9c7591476?ddsource=browser&ddtags=sdk_version%3A2.18.0%2Cservice%3Afirefly%2Cversion%3A12.55.4&batch_time=1655522509534

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.highflyercasino.com/	1970-01-20 12:37:38	Name: zukoVisitorId Value: Nb2kQWlQJq9XIEUGyKEiK4v92CTfrHZN
.highflyercasino.com/	1970-01-20 21:23:14	Name: _ga Value: GA1.2.1410910427.1655522509
.highflyercasino.com/	1970-01-20 03:53:28	Name: _gid Value: GA1.2.1505589134.1655522509
.highflyercasino.com/	1970-01-20 03:52:02	Name: _gat_gtag_UA_118703340_11 Value: 1
m.highflyercasino.com/	1970-01-20 12:37:38	Name: loopCount Value: 0
m.highflyercasino.com/	1970-01-20 12:37:38	Name: user Value: kaishu10
m.highflyercasino.com/	1970-01-20 12:37:38	Name: tryFireFly Value: true
m.highflyercasino.com/	1970-01-20 12:37:38	Name: site Value: highflyercasino
.gamingpartners.co.uk/	1970-01-20 12:37:59	Name: PAPVisitorId Value: 5fmGJhgwYC32omOKxaUcKoM84clxZcaI
.highflyercasino.com/	1970-01-20 12:37:38	Name: PAPVisitorId Value: 5fmGJhgwYC32omOKxaUcKoM84clxZcaI
.m.highflyercasino.com/	1970-01-20 12:37:38	Name: PAPVisitorId Value: 5fmGJhgwYC32omOKxaUcKoM84clxZcaI
m.highflyercasino.com/	1970-01-20 03:52:03	Name: _dd_s Value: rum=1&id=2bc56d0a-2f31-40bd-bf2b-c08cf0b9c5ed&created=1655522508898&expire=1655523411234
.m.highflyercasino.com/	1970-01-20 12:37:38	Name: _fw_crm_v Value: c4cbe859-f422-4b2b-a7a5-845b02bbe0ed
.highflyercasino.com/	1970-01-20 04:35:14	Name: HFCID Value: 2
.highflyercasino.com/	1970-01-20 04:35:14	Name: HFREFHTTP Value: https%3A%2F%2Fm.highflyercasino.com%2Fmv2%2Flogin%26returnRoute%3Dmypromotions%3Flogin_name%3Dkaishu10
.highflyercasino.com/	1970-01-31 02:51:33	Name: web_visitor_id Value: 1191540

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src self: data: https: wss: 'unsafe-inline' 'unsafe-eval' blob:;
Strict-Transport-Security	max-age=31536000; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

06913606-cc12-4bc8-8303-9e5b374a3fc5.snippet.antillephone.com
29576747429889.webpush.freshchat.com
api.paymentiq.io
assets.zuko.io
assetscdn-wchat.freshchat.com
cdn.contentful.com
cdnjs.cloudflare.com
cookies.highflyercasino.com
fonts.googleapis.com
fonts.gstatic.com
hfca.xyz
images.ctfassets.net
m.highflyercasino.com
maps.googleapis.com
rts-static-prod.freshworksapi.com
rum-http-intake.logs.datadoghq.com
stats.g.doubleclick.net
wchat.freshchat.com
www.datadoghq-browser-agent.com
www.gamingpartners.co.uk
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
cookies.highflyercasino.com
m.highflyercasino.com
rum-http-intake.logs.datadoghq.com
104.18.20.172
104.18.21.172
108.157.4.91
13.248.200.150
143.204.89.79
143.204.89.95
151.101.114.49
18.66.248.223
200.124.136.139
2600:1f18:24e6:b900:8e19:7817:863:c961
2600:9000:2016:9000:e:786e:9000:93a1
2600:9000:2251:a000:2:7580:31c0:93a1
2600:9000:225f:e800:12:94b3:c380:93a1
2606:4700::6811:180e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::200a
2a00:1450:4001:811::200e
2a00:1450:4001:827::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c07::9a
2a00:1450:401b:802::2004
34.236.232.170
91.201.28.211
026d5fc731996e725a1603c60b076d0126a4b5572185c3210288c4ac62794911
02a00e3ef645e0351f654665d42b03388e6a73e0ab4f853c8904faecf322b229
042190f75f291b1ec7eeb7aed61985294b5f8a45e408eb5833a576d8eab9973f
05a530dd5d40bf5dbef4e3d5ed6976e9aec1baf49a20be30e07b1608918e3bc3
0734697543bd694d6f0e1fb7c141866fcb21d2a0514b48c215c9eec2c6e8dfc8
0d94e821024db6e11896d0d97630c8d9fc82ce7920dc9a6e8d54e55bfd3aba66
1cfe70d0841813b3f29d405cf0235ba568bd641ccec2710c2e9bc6c6ea7b1f50
1d057a2a7abbf79f04eb3b7efb288623255d5b4d6c3ffe31f87212ca32fd49a9
1d385066575c705bf3921a518d5f48fcc1ba92d1171719f3a2930234be4304c9
214cbdc2ea11a16a93886f0740150705701cd56f0fba9b1cf6877db85d651e42
2b82601133216ec29983087a0532e9b0af553f7f4a8b3b00ff9d7ffcc1142542
2ecb10ad4b65902e569c07a08771927dcbbc0c3fd94adbc0f835c084363c8c2f
39126af8d458c45fc18eb91010d42605f6e0e903de67d82f503b8e66c143204c
3b324629f8466abd3dee4648ed22f2596b37c636e54607e2075faf51346f56a3
4132f06e190df60f90a24b282db80d9de82bfd6758b9fda2cd5e290698720dab
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4d902c92812b0a51ca978603142c79344146a2a0d166fd97c2419e3cf3b1572c
4f134846c31b01ed11d85972d39def5e7f220e815c980f692ef6e4fcd7f3c470
5773626ddb9ef01730088dd1bd008fbbd2ffa62dcae850d5a71eb1fb32643baa
5a684227c1eef599cf45d875e0f906a73e0fb247aca49c0de70c1a14e7ef818f
622aa050f0d004b41dd00cea283103050d88abf66b93503997aaad9c2cb44945
66f97a0d7be0e3638392e31e4dc62547e6151b4c15030373fe5034af50e4b5c3
695f84cc72df6f482a4d51af7ffa0a2475c71c334790d1f44849206f5bff473d
6a42501322528b9bef53841dde1efa028f6742cabc411c375e70005233f7792b
6a4bf2ab88acb880338e136abde96936d2b756f626d32b14e0ef5b30f81fc2c3
6bf2de7367fea30caf8ad2c9a806cc1ce7fc6bba3c44ac76d0ce4b0a91cbfd2a
7eed09a3bda2013de36d0ac2b942f0149ef500ed56701e5bd80d204ecbf758e4
8029982e606b01f8d1651a46683c7a90ef2496e73823047c0e73b72e285d593e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8779ea02c05847c1209231f40c56422c447c523ba2b512a5f904cdd426f295ed
8f24862077717aa659bc9f521e03cd8dbb013fcae88a3eff5a3824a064c92029
977a5351b70646f24a14c35c55740c8ac5342012e9fe3a43cdbf63919cba1c8f
9aa0c0db7bb96280fd34ecb5a14e6cca99bd07e4b2483af47ba47b719a8f0c34
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a658b2be7323c57d4bd5c4197b657e1f5360d1b950131dc377efec1d5111ffd0
a6cc1136220d4ba4beacbe320887320ba07409e9f42f162517c4145f55007afb
a963621b4341552ca61590aa02e93b70f189e8050a105c32c0197c3c34b2d114
b07907a9874e59df58448f4daba3df53b43c6339ec6f610b458aa660f50630ab
b9ae1cd1a58e44d7fb05315ed87fab804cd0ea20a3f3325683cdca947b569824
bdfb1e656b802b8c23d6fd89d1567cffd49fc51054e636564dac48e604173f68
bff9aab4422f34bb5f3c08c4177d1d02f6b5195b28720b6948bbfa69faa2048c
c725a8b39a90b240c476e1f8c4737bcb47d002eb24ae560b011021d6a9178e29
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d6999d7c9851d2686eb5ac16623f1c94a1a3c0d67fed5f8320d0c25ba26c3a7c
db5f869157b47266d1a5496f5a33d5accb62e4b7c2f3e98930c525b7c7a24046
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb2e3f703cf8ee0156a1d625e053c0968b0dfcff62ea4254ddd8ba9fece3ad32
edf7d2ad68a2b9aa001abf5936c997d5adf8eebc7d498b3e5bab75cea192e4ff
ef073d0feeec0a92889b9589b299eec93cc6d85c6c45869ff8ae145186cb7f28
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
f24272b7e48977792ed400569e6a4941ef3580337fda59775021eb09272bc1dd
fc2fa540a35bf9afe5f1928209f18ca81cf837cb12f22185d7c04df94afe5535
fd762b26d1a73e7dd9d3c641c41569d2d3aa3900d488c25fa422ae1f2b71727c
fd94ecca9988977ff92ff315251299c678d8d42d1bb8af07414a6f6d6977dde0

m.highflyercasino.com Open in urlscan Pro 104.18.20.172 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

93 %HTTPS

56 %IPv6

21 Domains

25 Subdomains

25 IPs

7 Countries

3569 kBTransfer

12263 kBSize

16 Cookies

0 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

m.highflyercasino.com Open in urlscan Pro
104.18.20.172 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

93 %
HTTPS

56 %
IPv6

21
Domains

25
Subdomains

25
IPs

7
Countries

3569 kB
Transfer

12263 kB
Size

16
Cookies

89 HTTP transactions
0 data transactions