www.32red.com Open in urlscan Pro
104.17.116.43 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://red32gaames.com/
Effective URL:
https://www.32red.com/
Submission: On December 02 via api (December 2nd 2020, 12:02:45 pm UTC) from NL

Summary HTTP 43 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 23 IPs in 6 countries across 20 domains to perform 43 HTTP transactions. The main IP is 104.17.116.43, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.32red.com.
TLS certificate: Issued by Trustwave Organization Validation SHA... on November 6th 2019. Valid for: 2 years.

This is the only time www.32red.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	165.160.15.20 165.160.15.20	19574 (CSC) (CSC)
1 13	104.17.116.43 104.17.116.43	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	217.10.139.203 217.10.139.203	6908 (DATAHOP D...) (DATAHOP Datahop - Six Degrees)
1	2606:4700::68... 2606:4700::6810:a723	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:817::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	52.209.95.26 52.209.95.26	16509 (AMAZON-02) (AMAZON-02)
1	104.109.77.38 104.109.77.38	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
1 2	216.58.210.6 216.58.210.6	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9408	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.23.162 172.217.23.162	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
1	199.232.56.157 199.232.56.157	54113 (FASTLY) (FASTLY)
1	99.86.7.66 99.86.7.66	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1 2	2a00:1450:400... 2a00:1450:4001:820::2002	15169 (GOOGLE) (GOOGLE)
2	34.249.4.239 34.249.4.239	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:81a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
43	23

1 165.160.15.20 (United States) 1 redirects

ASN19574 (CSC, US)

red32gaames.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 104.17.116.43 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

32red.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.32red.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
css.32red.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.32red.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.10.139.203 (Reading, United Kingdom)

ASN6908 (DATAHOP Datahop - Six Degrees, GB)
PTR: services.postcodeanywhere.co.uk

services.postcodeanywhere.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:a723 (United States)

ASN13335 (CLOUDFLARENET, US)

ajax.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.209.95.26 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-95-26.eu-west-1.compute.amazonaws.com

c1.adalyser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.109.77.38 (Netherlands)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a104-109-77-38.deploy.static.akamaitechnologies.com

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.210.6 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s07-in-f6.1e100.net

5807549.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)

script.crazyegg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s22-in-f162.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.220.241 (Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.56.157 (United States)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.7.66 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-66.fra6.r.cloudfront.net

cdn.graphyte.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.4.239 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-4-239.eu-west-1.compute.amazonaws.com

api.graphyte.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	32red.com 1 redirects 32red.com www.32red.com css.32red.com static.32red.com	1 MB
5	doubleclick.net 2 redirects stats.g.doubleclick.net 5807549.fls.doubleclick.net googleads.g.doubleclick.net	2 KB
4	google-analytics.com www.google-analytics.com	37 KB
3	graphyte.ai cdn.graphyte.ai api.graphyte.ai	174 KB
3	googletagmanager.com www.googletagmanager.com	121 KB
2	facebook.com www.facebook.com	424 B
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	facebook.net connect.facebook.net	92 KB
2	googleadservices.com www.googleadservices.com	14 KB
2	adalyser.com c1.adalyser.com	13 KB
2	postcodeanywhere.co.uk services.postcodeanywhere.co.uk	46 KB
1	google.de www.google.de	108 B
1	google.com 1 redirects www.google.com	560 B
1	t.co t.co	449 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	crazyegg.com script.crazyegg.com
1	tiqcdn.com tags.tiqcdn.com	44 KB
1	cloudflare.com ajax.cloudflare.com	5 KB
1	red32gaames.com 1 redirects red32gaames.com	205 B
0	atgsvcs.com Failed static.atgsvcs.com Failed
43	20

	Domain	Requested by
7	css.32red.com	www.32red.com ajax.cloudflare.com css.32red.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	static.32red.com	www.32red.com css.32red.com
3	www.googletagmanager.com	ajax.cloudflare.com www.32red.com
2	api.graphyte.ai	cdn.graphyte.ai
2	www.facebook.com
2	secure.adnxs.com	1 redirects
2	connect.facebook.net	www.32red.com connect.facebook.net
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	5807549.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	c1.adalyser.com	www.32red.com
2	services.postcodeanywhere.co.uk	www.32red.com ajax.cloudflare.com
1	www.google.de
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	t.co
1	cdn.graphyte.ai	www.32red.com
1	static.ads-twitter.com	www.32red.com
1	script.crazyegg.com	www.googletagmanager.com
1	tags.tiqcdn.com	www.32red.com
1	ajax.cloudflare.com	www.32red.com
1	www.32red.com
1	32red.com	1 redirects
1	red32gaames.com	1 redirects
0	static.atgsvcs.com Failed	ajax.cloudflare.com
43	26

This site contains links to these domains. Also see Links.

Domain
service32red.custhelp.com
www.gamcare.org.uk
www.gamstop.co.uk
www.gibraltar.gov.gi
beta.gamblingcommission.gov.uk

Subject Issuer	Validity	Valid
*.32red.it Trustwave Organization Validation SHA256 CA, Level 1	`2019-11-06` - `2021-09-22`	2 years	crt.sh
*.postcodeanywhere.co.uk Sectigo RSA Domain Validation Secure Server CA	`2020-02-11` - `2021-02-10`	a year	crt.sh
ajax.cloudflare.com DigiCert ECC Secure Server CA	`2020-08-11` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.adalyser.com Thawte RSA CA 2018	`2019-06-04` - `2021-07-07`	2 years	crt.sh
*.tiqcdn.com DigiCert SHA2 Secure Server CA	`2020-03-16` - `2021-06-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-06-09` - `2021-06-09`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-11-02` - `2021-01-30`	3 months	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.graphyte.ai Amazon	`2020-06-30` - `2021-07-30`	a year	crt.sh
t.co DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
*.googleadservices.com GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh
api.graphyte.ai Amazon	`2020-02-09` - `2021-03-09`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-11-03` - `2021-01-26`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://www.32red.com/
Frame ID: 9845AB3C0D6221D4D24191B1FD17415D
Requests: 58 HTTP requests in this frame

Frame: https://5807549.fls.doubleclick.net/activityi;dc_pre=COa076Ogr-0CFcRF5QodqUYFVQ;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=331217929751;gtm=2wgb41;auiddc=691415694.1606910549;~oref=https%3A%2F%2Fwww.32red.com%2F
Frame ID: 1D20E4AC54EBE50451B8F55448CEDFAD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://red32gaames.com/ HTTP 301
http://32red.com/ HTTP 301
https://www.32red.com/ Page URL

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Crazy Egg (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

43
Requests

98 %
HTTPS

50 %
IPv6

20
Domains

26
Subdomains

23
IPs

6
Countries

1606 kB
Transfer

4356 kB
Size

7
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://service32red.custhelp.com/app/home/st/5/p/1/page/1
Title: Help Centre

Search URL Search Domain Scan URL

URL: http://www.gamcare.org.uk/
Title: Gamcare UK

Search URL Search Domain Scan URL

URL: http://www.gamstop.co.uk/
Title: GamStop

Search URL Search Domain Scan URL

URL: https://www.gibraltar.gov.gi/new/sites/default/files/HMGoG_Documents/32Red_4.pdf
Title: 32Red Ltd is licensed by the Government of Gibraltar (Licence No.019 and No.045) and regulated by the Gibraltar Gambling Commissioner.

Search URL Search Domain Scan URL

URL: https://beta.gamblingcommission.gov.uk/public-register/businesses/results?business-search=32red
Title: Our services in Great Britain are licensed and regulated by The Gambling Commission (Account No: 39430)

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://red32gaames.com/ HTTP 301
http://32red.com/ HTTP 301
https://www.32red.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://5807549.fls.doubleclick.net/activityi;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=331217929751;gtm=2wgb41;auiddc=691415694.1606910549;~oref=https%3A%2F%2Fwww.32red.com%2F HTTP 302
https://5807549.fls.doubleclick.net/activityi;dc_pre=COa076Ogr-0CFcRF5QodqUYFVQ;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=331217929751;gtm=2wgb41;auiddc=691415694.1606910549;~oref=https%3A%2F%2Fwww.32red.com%2F

Request Chain 45

https://secure.adnxs.com/seg?add=14419840&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1

Request Chain 57

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1034938578/?random=2018340498&cv=9&fst=*&num=1&value=0&label=-XScCMmgicsBENLRv-0D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https://www.32red.com/&tiba=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=VYLHX5KwHoTT3gOF-rjABw&sscte=1&crd=&eitems=ChEIgJOd_gUQr_egnIbEudztARIdACRyYNTFpFlEWM-ewwGi5M9tcMoEWyiVCejPBEY HTTP 302
https://www.google.com/pagead/1p-conversion/1034938578/?random=2018340498&cv=9&fst=*&num=1&value=0&label=-XScCMmgicsBENLRv-0D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https://www.32red.com/&tiba=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VYLHX5KwHoTT3gOF-rjABw&eitems=ChEIgJOd_gUQr_egnIbEudztARIdACRyYNQ-TdhPCJJljsz2TOjs2-YYXrUPW-ivrPU&random=1654404121&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/1034938578/?random=2018340498&cv=9&fst=*&num=1&value=0&label=-XScCMmgicsBENLRv-0D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https://www.32red.com/&tiba=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VYLHX5KwHoTT3gOF-rjABw&eitems=ChEIgJOd_gUQr_egnIbEudztARIdACRyYNQ-TdhPCJJljsz2TOjs2-YYXrUPW-ivrPU&random=1654404121&resp=GooglemKTybQhCsO&ipr=y

43 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.32red.com/
Redirect Chain

http://red32gaames.com/
http://32red.com/
https://www.32red.com/

215 KB
47 KB

1245ms
1194ms

Document
text/html

104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.32red.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c674c845a44326264f50219d5f7539323044b6a76384cf52270659cb41ddd6b

Request headers

:method: GET
:authority: www.32red.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __cfduid=de3b8d3852da2ab1b531e256e36d0aeeb1606910547
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
content-type: text/html; charset=UTF-8
set-cookie: CAKEPHP=0n23htn0jmirnbma3covk1dop7; path=/; HttpOnly BTAG=DirectRequest; expires=Fri, 01-Jan-2021 12:02:27 GMT; Max-Age=2592000; path=/; domain=.32red.com loadedCategory=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ loadedCategory=home; path=/ locale=Q2FrZQ%3D%3D.YjI3Y2I5OGUyNzk2MjM2ZDBjZWFkMjBmMmExZmE4ZjQwZjZlNGVkZDVjNzJiMzkwZDUzYjYzNDQxMTVkMGFjMJ5gPP47rKKquF2O6d%2FJMX1ljJYx5LtqdcBEegS9vJvo; expires=Sat, 02-Jan-2021 12:02:27 GMT; Max-Age=2678399; path=/ Casino=%7B%22first%22%3A380%2C%22second%22%3A32947%7D; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent,Cookie
access-control-allow-header: X-DEBUGKIT-ID
cf-cache-status: DYNAMIC
cf-request-id: 06c4ee2e65000010eb76a6b000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 5fb4e62a3f6510eb-CPH
content-encoding: gzip

Redirect headers

Date: Wed, 02 Dec 2020 12:02:27 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: __cfduid=de3b8d3852da2ab1b531e256e36d0aeeb1606910547; expires=Fri, 01-Jan-21 12:02:27 GMT; path=/; domain=.32red.com; HttpOnly; SameSite=Lax
Location: https://www.32red.com
CF-Cache-Status: DYNAMIC
cf-request-id: 06c4ee2de300001d0667a26000000001
Server: cloudflare
CF-RAY: 5fb4e6296c2e1d06-CPH

GET
H2 200 application.v1606846405.css
css.32red.com/css/ 1020 KB
340 KB 81ms
62ms Stylesheet
text/css 104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://css.32red.com/css/application.v1606846405.css
Requested by: Host: www.32red.com
URL: https://www.32red.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b9683c7535fa5dee5241e7ec77a62571362722ed1c8a32007ea84069454c413

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 61969
cf-polished: origSize=1184273
cf-request-id: 06c4ee3328000010eb743be000000001
last-modified: Tue, 01 Dec 2020 18:11:16 GMT
server: cloudflare
etag: W/"1408a6-121211-5b56b0d859f9f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
expires: Thu, 31 Dec 2020 18:49:27 GMT
cache-control: max-age=2592000
cf-ray: 5fb4e631dd8310eb-CPH
cf-bgj: minify

GET
H/1.1 200
OK address-3.70.css
services.postcodeanywhere.co.uk/css/ 11 KB
2 KB 132ms
42ms Stylesheet
text/css 217.10.139.203
Six Degrees

General

Check archive.org

Show headers Download Go to

Full URL: https://services.postcodeanywhere.co.uk/css/address-3.70.css
Requested by: Host: www.32red.com
URL: https://www.32red.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 217.10.139.203 Reading, United Kingdom, ASN6908 (DATAHOP Datahop - Six Degrees, GB),
Reverse DNS: services.postcodeanywhere.co.uk
Software: nginx/1.15.7 /
Resource Hash: 677a65d8f2aeb023603a4d3b46f37de723e4a3fb7fad11f2339893d40be8b7e5

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 12:02:28 GMT
Content-Encoding: gzip
Server: nginx/1.15.7
Content-Type: text/css;charset=UTF-8
Cache-Control: public
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 2173

GET
H2 200 logo.svg
static.32red.com/img/ 2 KB
1 KB 180ms
168ms Image
image/svg+xml 104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.32red.com/img/logo.svg?1606910548
Requested by: Host: www.32red.com
URL: https://www.32red.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a54e2c42a9f9497b880f571462ea03949ad526e4b5d67e298369f2a775755758

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 21 Nov 2017 09:28:55 GMT
server: cloudflare
etag: W/"16070f-9d6-55e7ad4fc4f87"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 5fb4e631dd7c10eb-CPH
cf-request-id: 06c4ee3323000010eb86afd000000001
expires: Thu, 02 Dec 2021 12:10:58 GMT

GET
H2 200 Lara_Croft_RND-ttred.jpg
static.32red.com/img/homepage-header/large/ 110 KB
110 KB 47ms
35ms Image
image/jpeg 104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.32red.com/img/homepage-header/large/Lara_Croft_RND-ttred.jpg
Requested by: Host: www.32red.com
URL: https://www.32red.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e253e7a18e27e40bc9ea41b0a1a0a37419f5bc9f5178f72904d68100006813d

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
cf-cache-status: HIT
age: 48011
cf-polished: degrade=85, origSize=565978
content-length: 112540
cf-request-id: 06c4ee3323000010eb9b8c9000000001
last-modified: Fri, 23 Aug 2019 08:54:44 GMT
server: cloudflare
etag: "1657b5-8a2da-590c4f5229b28"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
expires: Wed, 01 Dec 2021 18:13:49 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fb4e631dd7810eb-CPH
cf-bgj: imgq:85,h2pri

GET
H2 200 loader.svg
static.32red.com/img/ 1014 B
761 B 46ms
34ms Image
image/svg+xml 104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.32red.com/img/loader.svg
Requested by: Host: www.32red.com
URL: https://www.32red.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c2eee525972c2b03779f3d1d8c8d97559d4de12d40f3aca2f6385cf0f5bed56d

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Mon, 25 Sep 2017 12:21:09 GMT
server: cloudflare
age: 64218
etag: W/"15fabb-3f6-55a0297f350f8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
cf-ray: 5fb4e631dd7a10eb-CPH
cf-request-id: 06c4ee3323000010ebb8b27000000001
expires: Wed, 01 Dec 2021 16:49:40 GMT

GET
H2 200 rocket-loader.min.js Show response
ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/ 12 KB
5 KB 38ms
18ms Script
application/javascript 2606:4700::6810:a723
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.32red.com
URL: https://www.32red.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:a723 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
nel: {"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
cf-request-id: 06c4ee33640000c2f93833d000000001
last-modified: Tue, 24 Nov 2020 15:06:25 GMT
server: cloudflare
x-frame-options: DENY
etag: W/"5fbd2171-3016"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=V5JQ42zKhFqRvKeI9m2rCXg0uiHx2eIYY3mQQp6CpaHoHqpswMUAZc3m0IoVqq5LQcSWlqfZFSVcwPcDEF0BNbkeAv%2FqIhiJZ0N%2BidTBN3C4m5Vyay1wllLly9lJOA9a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 5fb4e6323dbdc2f9-FRA
expires: Fri, 04 Dec 2020 12:02:28 GMT

GET atgsvcs.js
static.atgsvcs.com/js/ 0
0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 96 KB
38 KB 17ms
15ms Script
application/javascript 2a00:1450:4001:817::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-128674441-1

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

19b0b20382d2f55e2a148f34996b8e1042dc41417c7c8a699a75d5da6ae93e34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38695
x-xss-protection: 0
expires: Wed, 02 Dec 2020 12:02:28 GMT

GET
H2 200 general-desktop-main.v1606846404.js Show response
css.32red.com/js/ 30 KB
9 KB 38ms
37ms Script
text/javascript 104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://css.32red.com/js/general-desktop-main.v1606846404.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bf68bf45478877a7316d254e1a3e2604e0e1b4ba0cbba2e394fc0ba774b0989a

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 60785
cf-polished: origSize=30870
cf-request-id: 06c4ee3388000010eb9d34c000000001
last-modified: Tue, 01 Dec 2020 18:10:52 GMT
server: cloudflare
etag: W/"140fea-7896-5b56b0c0fee8b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Thu, 31 Dec 2020 18:51:34 GMT
cache-control: max-age=2592000
cf-ray: 5fb4e6327e9410eb-CPH
cf-bgj: minify

GET
H2 200 application.v1606846404.js Show response
css.32red.com/js/ 400 KB
104 KB 39ms
37ms Script
text/javascript 104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://css.32red.com/js/application.v1606846404.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 87c9f1b66eb74a2c7c335b882b270dfab7f095debbf675760e86967824dc3633

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 61969
cf-polished: origSize=409655
cf-request-id: 06c4ee3388000010eb94abf000000001
last-modified: Tue, 01 Dec 2020 18:12:41 GMT
server: cloudflare
etag: W/"140fb4-64037-5b56b1292c1d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Thu, 31 Dec 2020 18:49:27 GMT
cache-control: max-age=2592000
cf-ray: 5fb4e6327e9510eb-CPH
cf-bgj: minify

GET
H2 200 framework.v1606846403.js Show response
css.32red.com/js/ 943 KB
247 KB 37ms
36ms Script
text/javascript 104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://css.32red.com/js/framework.v1606846403.js
Requested by: Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f616790eef8b646a83c55e7d3adfa639d40adac0b1c21b6c785860898f433dd1

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 61969
cf-polished: origSize=965595
cf-request-id: 06c4ee3388000010eb76ad1000000001
last-modified: Tue, 01 Dec 2020 18:12:41 GMT
server: cloudflare
etag: W/"140fbb-ebbdb-5b56b12933aed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
expires: Thu, 31 Dec 2020 18:49:27 GMT
cache-control: max-age=2592000
cf-ray: 5fb4e6327e9610eb-CPH
cf-bgj: minify

GET
H/1.1 200
OK address-3.70.js Show response
services.postcodeanywhere.co.uk/js/ 216 KB
43 KB 90ms
69ms Script
text/javascript 217.10.139.203
Six Degrees

General

Check archive.org

Show headers Download Go to

Full URL

https://services.postcodeanywhere.co.uk/js/address-3.70.js

Requested by

Host: ajax.cloudflare.com
URL: https://ajax.cloudflare.com/cdn-cgi/scripts/7089c43e/cloudflare-static/rocket-loader.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

217.10.139.203 Reading, United Kingdom, ASN6908 (DATAHOP Datahop - Six Degrees, GB),

Reverse DNS

services.postcodeanywhere.co.uk

Software

nginx/1.15.7 /

Resource Hash

a9b042176309227b941bcf4f92932c28817c7bb0e5cc128cdb2360bb965ad439

Security Headers

Name	Value
X-Xss-Protection	1

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 12:02:28 GMT
Content-Encoding: gzip
Server: nginx/1.15.7
Content-Type: text/javascript;charset=UTF-8
Cache-Control: public
Connection: keep-alive
X-Robots-Tag: noindex
Content-Length: 44243
X-XSS-Protection: 1

GET
H2 200 2CD456_0_0.woff2
css.32red.com/fonts/ 32 KB
33 KB 102ms
56ms Font
application/font-woff2 104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://css.32red.com/fonts/2CD456_0_0.woff2
Requested by: Host: css.32red.com
URL: https://css.32red.com/css/application.v1606846405.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f85d09fb46544e82ca327703c16c54c67e589d5032ed0359919c1d848abb67d5

Request headers

Origin: https://www.32red.com
Referer: https://css.32red.com/css/application.v1606846405.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
cf-cache-status: HIT
age: 64214
content-length: 33110
cf-request-id: 06c4ee33ea000073571639c000000001
last-modified: Fri, 27 Nov 2020 21:27:17 GMT
server: cloudflare
etag: "1408f7-8156-5b51d53289c3d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fb4e6330e047357-CPH
expires: Wed, 01 Dec 2021 16:41:09 GMT

GET
H2 200 transparencySprite.png
static.32red.com/img/ 62 KB
62 KB 31ms
31ms Image
image/png 104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.32red.com/img/transparencySprite.png
Requested by: Host: css.32red.com
URL: https://css.32red.com/css/application.v1606846405.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 776b862de717732b909590d3ce53c81c9611c3f1c7230a3451b11bb2be48da3a

Request headers

Referer: https://css.32red.com/css/application.v1606846405.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
cf-cache-status: HIT
age: 64214
cf-polished: status=not_needed
content-length: 63550
cf-request-id: 06c4ee33bb000010eb839c1000000001
last-modified: Thu, 16 Nov 2017 13:07:21 GMT
server: cloudflare
etag: "15fbc9-f83e-55e194cf07a24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Wed, 01 Dec 2021 16:49:39 GMT
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fb4e632cf3410eb-CPH
cf-bgj: imgq:85,h2pri

GET
H2 200 2CD456_2_0.woff2
css.32red.com/fonts/ 31 KB
32 KB 77ms
35ms Font
application/font-woff2 104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://css.32red.com/fonts/2CD456_2_0.woff2
Requested by: Host: css.32red.com
URL: https://css.32red.com/css/application.v1606846405.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193a2818e9e3e60e2c86fd3b829327b19843187fba3c7a6d1884c76d5630ff77

Request headers

Origin: https://www.32red.com
Referer: https://css.32red.com/css/application.v1606846405.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
cf-cache-status: HIT
age: 64214
content-length: 32039
cf-request-id: 06c4ee33ea000073573d2ea000000001
last-modified: Fri, 27 Nov 2020 21:24:34 GMT
server: cloudflare
etag: "1408e4-7d27-5b51d496c5b17"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fb4e6330e057357-CPH
expires: Wed, 01 Dec 2021 16:41:09 GMT

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3ad91bc56e802c6fb8ad369737ac0a130e0a499d410a4c00edf0996aeb2e1280

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3908f39229b0d50edd744c9c3025cb55465f66a6c2c3c61fb15830a6ad1aa7f2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e7786d13cb705435a677eec510c699e4ad381dd936638815c19ef27b28eb8bb1

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9bef384855f383317b1fdc195dbca645cd11c71baef5140d457f2f6eafa84dd5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 595ccda4303e8b0ff3415aa12bd620eebe434c48a4c3ebaf825c544fcfe0614d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9677a9eb54e83b23c5d6b6938ac3b697ec9d025816d21da56c72f3bcf4735de6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c58581f14d33cd1d7c0a0c399ec373046cc4a10373ddceed6ef5d068ce2917aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3e98bd1bfcea80893f7a6f36aea254fdab4a1982c7511cfa406dd79f51da7513

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fa92d7ef514a7e90a078083fd3bc01237736a88544a25a41c0ebb1f5d3dc9b6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a15b56b3ab11e5c2a9744c7e7965c5edc19881eb50dcb605d2a489d649d2f63

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0448b0f29df3226d9612bdf00fd4e1b8b54b40d166870edc13622f1f5fd8ab3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 220dfc78f32ca158058a7d27afeed3ea36816538baf391dbe6aae3af9f77fd6d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a7392ff19107f054658ad2eaea2e7628f5a265cc7c09a94c5fdb19db6739c91b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c05a2b5ca4d672bc37d8abaa2f5f9958cc0484199c6fffd012615e328278822c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7d30d50c8bd1a098e213d2798fdbef78e34b752fd852beccc94229ab074a55d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/jpg

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80a5f94a201ad353f364deeb6bdc6c3454f85503b58d1e74055fe1f1a605abc2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/jpg

GET
DATA 200
OK truncated
/ 16 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3db39cbed2bf88aad2a271b3687da87409900affc0f4e738e5e7002a578eaecd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 icomoon.ttf
css.32red.com/fonts/ 70 KB
70 KB 101ms
72ms Font
application/x-font-ttf 104.17.116.43
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://css.32red.com/fonts/icomoon.ttf?7hwrnv
Requested by: Host: css.32red.com
URL: https://css.32red.com/css/application.v1606846405.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4efd5b9dd88e61cb5891af257ae3d4a83370e6cff70d150f5eabdeb24c37f40b

Request headers

Origin: https://www.32red.com
Referer: https://css.32red.com/css/application.v1606846405.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:28 GMT
cf-cache-status: HIT
age: 64214
content-length: 71308
cf-request-id: 06c4ee33ea00007357dc86e000000001
last-modified: Fri, 27 Nov 2020 21:23:47 GMT
server: cloudflare
etag: "1408ed-1168c-5b51d46a4347c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-font-ttf
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 5fb4e6330e067357-CPH
expires: Wed, 01 Dec 2021 16:41:09 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
53 KB 45ms
30ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB

Requested by

Host: www.32red.com
URL: https://www.32red.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

13183b15b507722738ea05ab477488a783cae46717567ab27797396d8e31062f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54122
x-xss-protection: 0
expires: Wed, 02 Dec 2020 12:02:29 GMT

GET
H/1.1 200
OK adalyser.js Show response
c1.adalyser.com/ 35 KB
12 KB 214ms
51ms Script
application/javascript 52.209.95.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.adalyser.com/adalyser.js?cid=32red
Requested by: Host: www.32red.com
URL: https://www.32red.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.95.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-95-26.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: 8a8beec5e0c5d2e3d4071a8c532dd315c8a22e30fcdf570946a360e19809aace

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Date: Wed, 02 Dec 2020 12:02:29 GMT
Content-Encoding: gzip
ETag: "f4570ebd47039b340ce34d52b8dd9637eb70d91f"
X-Powered-By: Express
P3P: CP="ADMa OUR IND DSP NON COR"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=7200
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript
Access-Control-Allow-Headers: origin, content-type, accept
Content-Length: 12278

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 75 KB
30 KB 46ms
32ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TXF3B7K&l=dataLayerNew

Requested by

Host: www.32red.com
URL: https://www.32red.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e522ca760d3d65b0633e24e06645a0ea989b3415f734ec80fc0d6636f5305130

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:29 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30187
x-xss-protection: 0
expires: Wed, 02 Dec 2020 12:02:29 GMT

GET
H2 200 utag.js Show response
tags.tiqcdn.com/utag/kindred/32red/prod/ 142 KB
44 KB 1054ms
993ms Script
application/x-javascript 104.109.77.38
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Requested by: Host: www.32red.com
URL: https://www.32red.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.109.77.38 , Netherlands, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS: a104-109-77-38.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 94010a2bfb62b96df2d4dd64b2006e7240338ae983e6bef406101b65a1ef42b8

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:30 GMT
content-encoding: gzip
last-modified: Wed, 11 Nov 2020 17:39:39 GMT
server: AkamaiNetStorage
etag: "80afeb7d8b1a1c41c6ef64def2f546c5:1605116379.533032"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=300
accept-ranges: bytes
expires: Wed, 02 Dec 2020 12:07:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128674441-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 788
date: Wed, 02 Dec 2020 11:49:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 02 Dec 2020 13:49:21 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
387 B 41ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=2061942444&t=pageview&_s=1&dl=https%3A%2F%2Fwww.32red.com%2F&ul=en-us&de=UTF-8&dt=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUABAAAAAC~&jid=603337708&gjid=1680346746&cid=164867205.1606910549&tid=UA-128674441-1&_gid=631484032.1606910549&_r=1&gtm=2oub41&z=644187899

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 12:02:29 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.32red.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
84 B 17ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-69848558-1&cid=164867205.1606910549&jid=33151211&gjid=235798229&_gid=631484032.1606910549&_u=aGDAgUABAAAAAG~&z=1037534820

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 02 Dec 2020 12:02:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.32red.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 788
date: Wed, 02 Dec 2020 11:49:21 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Wed, 02 Dec 2020 13:49:21 GMT

GET
H3-Q050

200

activityi;dc_pre=COa076Ogr-0CFcRF5QodqUYFVQ;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=331217929751;gtm=2wgb41;auiddc=691415694.1606910549;~oref=https%3A%2F%2Fwww.32red.com%2F
5807549.fls.doubleclick.net/ Frame 1D20
Redirect Chain

https://5807549.fls.doubleclick.net/activityi;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=331217929751;gtm=2wgb41;auiddc=691415694.1606910549;~oref=https%3A%2F%2Fwww.32red.com%2F?
https://5807549.fls.doubleclick.net/activityi;dc_pre=COa076Ogr-0CFcRF5QodqUYFVQ;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=331217929751;gtm=2wgb41;auiddc=691415694.1606910549;~oref=https%3A%2...

0
0

122ms
70ms

Document
text/html

216.58.210.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5807549.fls.doubleclick.net/activityi;dc_pre=COa076Ogr-0CFcRF5QodqUYFVQ;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=331217929751;gtm=2wgb41;auiddc=691415694.1606910549;~oref=https%3A%2F%2Fwww.32red.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

216.58.210.6 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s07-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5807549.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COa076Ogr-0CFcRF5QodqUYFVQ;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=331217929751;gtm=2wgb41;auiddc=691415694.1606910549;~oref=https%3A%2F%2Fwww.32red.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.32red.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 02 Dec 2020 12:02:29 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 386
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 02-Dec-2020 12:17:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 02 Dec 2020 12:02:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://5807549.fls.doubleclick.net/activityi;dc_pre=COa076Ogr-0CFcRF5QodqUYFVQ;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=331217929751;gtm=2wgb41;auiddc=691415694.1606910549;~oref=https%3A%2F%2Fwww.32red.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 410 1462.js
script.crazyegg.com/pages/scripts/0053/ 0
0 42ms
22ms Script
application/javascript 2606:4700::6813:9408
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.crazyegg.com/pages/scripts/0053/1462.js?446364
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:29 GMT
cf-cache-status: HIT
last-modified: Tue, 01 Dec 2020 16:58:26 GMT
server: cloudflare
age: 68643
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=86400, s-maxage=86400
cf-ray: 5fb4e635399ddffb-FRA
content-length: 0
cf-request-id: 06c4ee35400000dffb859f3000000001

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 149ms
52ms Script
text/javascript 172.217.23.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s22-in-f162.1e100.net

Software

cafe /

Resource Hash

30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11761
x-xss-protection: 0
server: cafe
etag: 8854462785499610041
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 02 Dec 2020 12:02:29 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 89 KB
23 KB 8ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.32red.com
URL: https://www.32red.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23320
x-xss-protection: 0
pragma: public
x-fb-debug: 7cC2e83Eu4ywgs/WkRjq+WqWHxnq4/XygemYol6j16p6QNHENgC997FkdSpJWr//r3PamBZnIANE5VU6saNwLA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 02 Dec 2020 12:02:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1

200
OK

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=14419840&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1

0
1022 B

44ms
43ms

Script
application/javascript

185.33.220.241
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.241 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 12:02:29 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.4:80
AN-X-Request-Uuid: af3353af-d7db-428b-a100-7b2b6c2f0e11
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 12:02:29 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.42:80
AN-X-Request-Uuid: cad6c032-b1bb-4180-8f8a-a6fe716a53bd
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 6 KB
2 KB 129ms
40ms Script
application/javascript 199.232.56.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.32red.com
URL: https://www.32red.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.56.157 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6b6a04806a0b7d40c3f34df06019d00ae8a476d94c069bc7e013a45e64792780

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:29 GMT
via: 1.1 varnish
last-modified: Mon, 30 Nov 2020 21:00:48 GMT
age: 29487
etag: "71080ed13bccfc6d8bb6dc6930f12455+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 2209
x-timer: S1606910549.404822,VS0,VE0
x-served-by: cache-lon4226-LON

GET
H2 200 graphyte.min.js Show response
cdn.graphyte.ai/ 173 KB
174 KB 137ms
48ms Script
application/javascript 99.86.7.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.graphyte.ai/graphyte.min.js
Requested by: Host: www.32red.com
URL: https://www.32red.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.66 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-66.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3760b90483e1491e7df537db0055697ed9a3433796f1ab98327c598d7e931993

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 10:33:44 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
last-modified: Sat, 27 Apr 2019 12:31:38 GMT
server: AmazonS3
age: 5326
etag: "19cd72518c78bc008ea0006ffd287280"
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 177454
x-amz-cf-id: ICKvVnJbYD6-2XViwETXBv9S4gaWKXlLmQ1t-W929m8rOcP9PFspgA==

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 9ms
7ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=2061942444&t=pageview&_s=1&dl=https%3A%2F%2Fwww.32red.com%2F&ul=en-us&de=UTF-8&dt=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUABAAAAAC~&jid=33151211&gjid=235798229&cid=164867205.1606910549&tid=UA-69848558-1&_gid=631484032.1606910549&gtm=2wgb41TH6RPB&z=1345113763

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Dec 2020 18:02:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64810
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
420 B 42ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-128674441-1&cid=164867205.1606910549&jid=603337708&gjid=1680346746&_gid=631484032.1606910549&_u=IEBAAUAAAAAAAC~&z=1573346099

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 02 Dec 2020 12:02:29 GMT
content-type: text/plain
access-control-allow-origin: https://www.32red.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 278155385876307 Show response
connect.facebook.net/signals/config/ 239 KB
69 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/278155385876307?v=2.9.29&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

74bc0a0bdcfd578e5a6c58d68c93af37151798340cf8f396f9446cbadb5631cd

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70252
x-xss-protection: 0
pragma: public
x-fb-debug: lCH8p7eFdmARkUawaDV75/1/rqms96NVl1kfA7hjDlU+WmtXe8nEkngM96neLKEIv55pQ4vb5rO0PBfJdrGhLg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Wed, 02 Dec 2020 12:02:29 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 86570174
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
268 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=278155385876307&ev=PageViewGTM&dl=https%3A%2F%2Fwww.32red.com%2F&rl=&if=false&ts=1606910549351&sw=1600&sh=1200&v=2.9.29&r=stable&ec=0&o=30&fbp=fb.1.1606910549349.272854619&it=1606910549316&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:29 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 02 Dec 2020 12:02:29 GMT

GET
H/1.1 200
OK p
c1.adalyser.com/tracking/track/v4/ 43 B
483 B 50ms
49ms Image
image/gif 52.209.95.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c1.adalyser.com/tracking/track/v4/p?e=lce1&stm=1606910549427&url=https%3A%2F%2Fwww.32red.com%2F&cid=32red&domain=www.32red.com&p=%7B%22a1%22%3A%22Session%22%2C%22et%22%3A1606910549424%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Direct%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22direct%22%2C%22me%22%3A%22none%22%2C%22ca%22%3A%22direct%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A%221%22%2C%22sid%22%3A%22c954ef89-0774-408f-bd1c-ed52f6c81c6e%22%2C%22udid%22%3A%223b3d720d-7d39-4140-addd-fdf5760c9fbe%22%2C%22cw%22%3A1606910549424%2C%22lp%22%3A%22https%3A%2F%2Fwww.32red.com%2F%22%7D&userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.97%20Safari%2F537.36
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.209.95.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-209-95-26.eu-west-1.compute.amazonaws.com
Software: / Express
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 02 Dec 2020 12:02:29 GMT
ETag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
X-Powered-By: Express
P3P: CP="ADMa OUR IND DSP NON COR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
content-type: image/gif
Access-Control-Allow-Headers: origin, content-type, accept
Content-Length: 43
Expires: 0

GET
H2 200 adsct
t.co/i/ 43 B
449 B 241ms
157ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.0&p_id=Twitter&p_user_id=0&txn_id=nz06m&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.32red.com%2F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 114
pragma: no-cache
last-modified: Wed, 02 Dec 2020 12:02:29 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 99fd6c85f4535d57d9b34b42921ba0c7
x-transaction: 005ea51a00873506
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-Q050 200 / Show response
www.googleadservices.com/pagead/conversion/1034938578/ 2 KB
2 KB 43ms
29ms Script
text/javascript 2a00:1450:4001:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/1034938578/?random=1606910549459&cv=9&fst=1606910549459&num=1&value=0&label=-XScCMmgicsBENLRv-0D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.32red.com%2F&tiba=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a681c12a11db94fa428cc8263ec65ae99aa55e7197f8b531c1faaf2684b8b71f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 12:02:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1211
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 p
api.graphyte.ai/clickstream/v1/ Frame 0
0 239ms
114ms Other
application/json 34.249.4.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.graphyte.ai/clickstream/v1/p
Protocol: H2
Server: 34.249.4.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-4-239.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: debug,x-api-key,x-brand-key
Origin: https://www.32red.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Wed, 02 Dec 2020 12:02:29 GMT
content-type: application/json
content-length: 0
x-amzn-requestid: 805d4fca-00c8-4798-b188-8ec7f94aed98
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-brand-key,debug
x-amz-apigw-id: W7FNaF5PDoEFSDA=
access-control-allow-methods: GET,POST,OPTIONS
access-control-max-age: 600

POST
H2 200 p Show response
api.graphyte.ai/clickstream/v1/ 16 B
227 B 101ms
101ms XHR
application/json 34.249.4.239
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.graphyte.ai/clickstream/v1/p
Requested by: Host: cdn.graphyte.ai
URL: https://cdn.graphyte.ai/graphyte.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.4.239 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-4-239.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer: https://www.32red.com/
x-api-key: rOI6Fza3I46iNj7GfLqvT2fW4dCOt1PU35GzMZs2
debug
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36
x-brand-key: f4f01920-c81b-44c0-acc1-d3f60a3362c6
Content-Type: text/plain

Response headers

access-control-allow-origin: *
date: Wed, 02 Dec 2020 12:02:29 GMT
x-amzn-requestid: f9c4d2ea-4425-4bf1-a4b1-5cd5898c5a5b
x-amz-apigw-id: W7FNaFRPDoEFqNQ=
x-amzn-trace-id: Root=1-5fc78255-5af0ea9b5068678352104095;Sampled=0
content-length: 16
content-type: application/json

GET
H2

200

/
www.google.de/pagead/1p-conversion/1034938578/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1034938578/?random=2018340498&cv=9&fst=*&num=1&value=0&label=-XScCMmgicsBENLRv-0D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_...
https://www.google.com/pagead/1p-conversion/1034938578/?random=2018340498&cv=9&fst=*&num=1&value=0&label=-XScCMmgicsBENLRv-0D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_c...
https://www.google.de/pagead/1p-conversion/1034938578/?random=2018340498&cv=9&fst=*&num=1&value=0&label=-XScCMmgicsBENLRv-0D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd...

42 B
108 B

27ms
27ms

Image
image/gif

2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1034938578/?random=2018340498&cv=9&fst=*&num=1&value=0&label=-XScCMmgicsBENLRv-0D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https://www.32red.com/&tiba=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VYLHX5KwHoTT3gOF-rjABw&eitems=ChEIgJOd_gUQr_egnIbEudztARIdACRyYNQ-TdhPCJJljsz2TOjs2-YYXrUPW-ivrPU&random=1654404121&resp=GooglemKTybQhCsO&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Dec 2020 12:02:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 02 Dec 2020 12:02:29 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1034938578/?random=2018340498&cv=9&fst=*&num=1&value=0&label=-XScCMmgicsBENLRv-0D&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wgb41&sendb=1&ig=1&frm=0&url=https://www.32red.com/&tiba=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=VYLHX5KwHoTT3gOF-rjABw&eitems=ChEIgJOd_gUQr_egnIbEudztARIdACRyYNQ-TdhPCJJljsz2TOjs2-YYXrUPW-ivrPU&random=1654404121&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
156 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=278155385876307&ev=Microdata&dl=https%3A%2F%2Fwww.32red.com%2F&rl=&if=false&ts=1606910550854&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now%22%2C%22meta%3Adescription%22%3A%22Instant%20Payouts.%20Regular%20Free%20Spin%20Offers%20at%2032Red%20Online%20Casino.%20Sign%20up%20to%2032Red.com%20for%20the%20best%20bonuses%2C%20frequent%20special%20offers%20and%20one%20of%20the%20largest%20selections%20of%20casino%20games.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.29&r=stable&ec=1&o=30&fbp=fb.1.1606910549349.272854619&it=1606910549316&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.32red.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36

Response headers

date: Wed, 02 Dec 2020 12:02:30 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 02 Dec 2020 12:02:30 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.atgsvcs.com
URL: https://static.atgsvcs.com/js/atgsvcs.js

Verdicts & Comments Add Verdict or Comment

267 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.32red.com/	1970-01-19 15:05:02	Name: BTAG Value: DirectRequest
www.32red.com/	1969-12-31 23:59:59	Name: CAKEPHP Value: 0n23htn0jmirnbma3covk1dop7
www.32red.com/	1970-01-19 15:06:28	Name: locale Value: Q2FrZQ%3D%3D.YjI3Y2I5OGUyNzk2MjM2ZDBjZWFkMjBmMmExZmE4ZjQwZjZlNGVkZDVjNzJiMzkwZDUzYjYzNDQxMTVkMGFjMJ5gPP47rKKquF2O6d%2FJMX1ljJYx5LtqdcBEegS9vJvo
www.32red.com/	1969-12-31 23:59:59	Name: Casino Value: %7B%22first%22%3A380%2C%22second%22%3A32947%7D
www.32red.com/	1969-12-31 23:59:59	Name: loadedCategory Value: home
www.32red.com/	1969-12-31 23:59:59	Name: claimButtonClicked Value: false
.32red.com/	1970-01-19 15:05:02	Name: __cfduid Value: de3b8d3852da2ab1b531e256e36d0aeeb1606910547

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - You are sending a non-standard event 'PageViewGTM'. The preferred way to send these events is using trackCustom. See 'https://developers.facebook.com/docs/ads-for-websites/pixel-events/#events' for more information.
console-api	log	URL: https://static.ads-twitter.com/uwt.js(Line 1) Message: content loaded
console-api	log	URL: https://static.ads-twitter.com/uwt.js(Line 1) Message: TwitterClickId in Cookie:undefined
console-api	log	URL: https://static.ads-twitter.com/uwt.js(Line 1) Message: TwitterClickId in Href:null

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32red.com
5807549.fls.doubleclick.net
ajax.cloudflare.com
api.graphyte.ai
c1.adalyser.com
cdn.graphyte.ai
connect.facebook.net
css.32red.com
googleads.g.doubleclick.net
red32gaames.com
script.crazyegg.com
secure.adnxs.com
services.postcodeanywhere.co.uk
static.32red.com
static.ads-twitter.com
static.atgsvcs.com
stats.g.doubleclick.net
t.co
tags.tiqcdn.com
www.32red.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
static.atgsvcs.com
104.109.77.38
104.17.116.43
104.244.42.133
165.160.15.20
172.217.23.162
185.33.220.241
199.232.56.157
216.58.210.6
217.10.139.203
2606:4700::6810:a723
2606:4700::6813:9408
2a00:1450:4001:806::2008
2a00:1450:4001:80b::200e
2a00:1450:4001:817::2008
2a00:1450:4001:81a::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:820::2002
2a00:1450:400c:c0c::9b
2a00:1450:400c:c0c::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.249.4.239
52.209.95.26
99.86.7.66
0e49c2b4e86d3fda1dda93eb1210a47712f7b091181b4e7c6da2b3e6f8e86396
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13183b15b507722738ea05ab477488a783cae46717567ab27797396d8e31062f
193a2818e9e3e60e2c86fd3b829327b19843187fba3c7a6d1884c76d5630ff77
19b0b20382d2f55e2a148f34996b8e1042dc41417c7c8a699a75d5da6ae93e34
220dfc78f32ca158058a7d27afeed3ea36816538baf391dbe6aae3af9f77fd6d
30b509528a09195b7a7080345419048fd35269803cdfeab438a98c2176a1d9d0
3760b90483e1491e7df537db0055697ed9a3433796f1ab98327c598d7e931993
3908f39229b0d50edd744c9c3025cb55465f66a6c2c3c61fb15830a6ad1aa7f2
3ad91bc56e802c6fb8ad369737ac0a130e0a499d410a4c00edf0996aeb2e1280
3db39cbed2bf88aad2a271b3687da87409900affc0f4e738e5e7002a578eaecd
3e253e7a18e27e40bc9ea41b0a1a0a37419f5bc9f5178f72904d68100006813d
3e98bd1bfcea80893f7a6f36aea254fdab4a1982c7511cfa406dd79f51da7513
4c674c845a44326264f50219d5f7539323044b6a76384cf52270659cb41ddd6b
4efd5b9dd88e61cb5891af257ae3d4a83370e6cff70d150f5eabdeb24c37f40b
595ccda4303e8b0ff3415aa12bd620eebe434c48a4c3ebaf825c544fcfe0614d
5fa92d7ef514a7e90a078083fd3bc01237736a88544a25a41c0ebb1f5d3dc9b6
677a65d8f2aeb023603a4d3b46f37de723e4a3fb7fad11f2339893d40be8b7e5
6a15b56b3ab11e5c2a9744c7e7965c5edc19881eb50dcb605d2a489d649d2f63
6b6a04806a0b7d40c3f34df06019d00ae8a476d94c069bc7e013a45e64792780
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
74bc0a0bdcfd578e5a6c58d68c93af37151798340cf8f396f9446cbadb5631cd
776b862de717732b909590d3ce53c81c9611c3f1c7230a3451b11bb2be48da3a
7b9683c7535fa5dee5241e7ec77a62571362722ed1c8a32007ea84069454c413
80a5f94a201ad353f364deeb6bdc6c3454f85503b58d1e74055fe1f1a605abc2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87c9f1b66eb74a2c7c335b882b270dfab7f095debbf675760e86967824dc3633
8a8beec5e0c5d2e3d4071a8c532dd315c8a22e30fcdf570946a360e19809aace
94010a2bfb62b96df2d4dd64b2006e7240338ae983e6bef406101b65a1ef42b8
9677a9eb54e83b23c5d6b6938ac3b697ec9d025816d21da56c72f3bcf4735de6
9bef384855f383317b1fdc195dbca645cd11c71baef5140d457f2f6eafa84dd5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a54e2c42a9f9497b880f571462ea03949ad526e4b5d67e298369f2a775755758
a681c12a11db94fa428cc8263ec65ae99aa55e7197f8b531c1faaf2684b8b71f
a7392ff19107f054658ad2eaea2e7628f5a265cc7c09a94c5fdb19db6739c91b
a9b042176309227b941bcf4f92932c28817c7bb0e5cc128cdb2360bb965ad439
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b08cdbc2d30e656a86b20f8342428d5863f70f4b30135b4f4061f754ce932f5e
bf68bf45478877a7316d254e1a3e2604e0e1b4ba0cbba2e394fc0ba774b0989a
c05a2b5ca4d672bc37d8abaa2f5f9958cc0484199c6fffd012615e328278822c
c2eee525972c2b03779f3d1d8c8d97559d4de12d40f3aca2f6385cf0f5bed56d
c58581f14d33cd1d7c0a0c399ec373046cc4a10373ddceed6ef5d068ce2917aa
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
d0448b0f29df3226d9612bdf00fd4e1b8b54b40d166870edc13622f1f5fd8ab3
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e522ca760d3d65b0633e24e06645a0ea989b3415f734ec80fc0d6636f5305130
e7786d13cb705435a677eec510c699e4ad381dd936638815c19ef27b28eb8bb1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f616790eef8b646a83c55e7d3adfa639d40adac0b1c21b6c785860898f433dd1
f7d30d50c8bd1a098e213d2798fdbef78e34b752fd852beccc94229ab074a55d
f85d09fb46544e82ca327703c16c54c67e589d5032ed0359919c1d848abb67d5

www.32red.com Open in urlscan Pro 104.17.116.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

43 Requests

98 %HTTPS

50 %IPv6

20 Domains

26 Subdomains

23 IPs

6 Countries

1606 kBTransfer

4356 kBSize

7 Cookies

5 Outgoing links

Page URL History

Redirected requests

43 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.32red.com Open in urlscan Pro
104.17.116.43 Public Scan

Screenshot
Live screenshot

Full Image

43
Requests

98 %
HTTPS

50 %
IPv6

20
Domains

26
Subdomains

23
IPs

6
Countries

1606 kB
Transfer

4356 kB
Size

7
Cookies

43 HTTP transactions
17 data transactions