Submitted URL: https://storage.googleapis.com/nbvcdfghytre/xiferptcslokd.html#rd/c4680JvsoL3112079qCIS28017ocS1831Jket121
Effective URL: https://www.rembrandtcasino.com/en/register
Submission: On September 09 via api from BE — Scanned from DE

Summary

This website contacted 36 IPs in 8 countries across 30 domains to perform 96 HTTP transactions. The main IP is 2606:4700:20::681a:4f1, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.rembrandtcasino.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 24th 2021. Valid for: a year.
This is the only time www.rembrandtcasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2a00:1450:400... 15169 (GOOGLE)
1 2 94.102.4.214 51559 (NETINTERN...)
1 1 34.117.99.21 15169 (GOOGLE)
1 1 52.210.174.128 16509 (AMAZON-02)
3 26 2606:4700:20:... 13335 (CLOUDFLAR...)
1 37.157.2.248 198622 (ADFORM)
3 2a04:4e42:600... 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
9 174.138.107.223 14061 (DIGITALOC...)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 3 185.33.220.240 29990 (ASN-APPNEX)
2 69.173.144.139 26667 (RUBICONPR...)
1 3 18.192.92.12 16509 (AMAZON-02)
1 3 185.94.180.126 35220 (SPOTX-AMS)
1 2.21.142.210 16625 (AKAMAI-AS)
1 3 52.215.165.29 16509 (AMAZON-02)
2 185.64.190.80 62713 (AS-PUBMATIC)
2 2 142.250.201.194 15169 (GOOGLE)
1 178.62.202.251 14061 (DIGITALOC...)
1 4 37.157.4.39 198622 (ADFORM)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:54::84 54113 (FASTLY)
4 2a03:2880:f02... 32934 (FACEBOOK)
2 2a00:1450:402... 15169 (GOOGLE)
3 2.18.48.37 33905 (AKAMAI-AMS)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 13.225.87.76 16509 (AMAZON-02)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 4 213.155.156.188 ()
1 13.224.193.38 16509 (AMAZON-02)
1 205.185.208.79 ()
1 143.204.207.9 ()
2 2a00:1450:400... ()
1 2a00:1450:400... ()
96 36
Apex Domain
Subdomains
Transfer
26 rembrandtcasino.com
www.rembrandtcasino.com
1 MB
10 bidtheatre.com
adsby.bidtheatre.com
match.adsby.bidtheatre.com
16 KB
8 google.com
apis.google.com
www.google.com
accounts.google.com
115 KB
5 adform.net
s2.adform.net
cm.adform.net
track.adform.net
29 KB
4 de17a.com
tb.de17a.com
9 KB
4 facebook.net
connect.facebook.net
183 KB
4 google-analytics.com
www.google-analytics.com
39 KB
4 doubleclick.net
cm.g.doubleclick.net
stats.g.doubleclick.net
2 KB
3 hotjar.com
static.hotjar.com
script.hotjar.com
vars.hotjar.com
63 KB
3 pinterest.com
ct.pinterest.com
1 KB
3 smartclip.net
ad.sxp.smartclip.net
2 KB
3 spotxchange.com
sync.search.spotxchange.com
2 KB
3 360yield.com
ad.360yield.com
1 KB
3 adnxs.com
ib.adnxs.com
3 KB
3 jsdelivr.net
cdn.jsdelivr.net
6 KB
2 facebook.com
www.facebook.com
414 B
2 google.de
www.google.de
629 B
2 pinimg.com
s.pinimg.com
18 KB
2 pubmatic.com
simage2.pubmatic.com
983 B
2 rubiconproject.com
pixel.rubiconproject.com
478 B
2 gstatic.com
www.gstatic.com
ssl.gstatic.com
175 KB
2 offpage.xyz
offpage.xyz
573 B
2 googleapis.com
storage.googleapis.com
fonts.googleapis.com
2 KB
1 trafficjunky.com
static.trafficjunky.com
3 KB
1 freegeoip.app
freegeoip.app
880 B
1 stickyadstv.com
ads.stickyadstv.com
731 B
1 googletagmanager.com
www.googletagmanager.com
59 KB
1 go2cloud.org
trafficgridmedia.go2cloud.org
2 KB
1 k33clq-3.com
www.k33clq-3.com
449 B
0 bidr.io Failed
match.prod.bidr.io Failed
96 30
Domain Requested by
26 www.rembrandtcasino.com 3 redirects offpage.xyz
www.rembrandtcasino.com
9 adsby.bidtheatre.com www.rembrandtcasino.com
adsby.bidtheatre.com
www.googletagmanager.com
4 tb.de17a.com 1 redirects storage.googleapis.com
tb.de17a.com
4 connect.facebook.net storage.googleapis.com
connect.facebook.net
www.rembrandtcasino.com
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
storage.googleapis.com
3 ct.pinterest.com s.pinimg.com
3 ad.sxp.smartclip.net 1 redirects adsby.bidtheatre.com
3 sync.search.spotxchange.com 1 redirects adsby.bidtheatre.com
3 ad.360yield.com 1 redirects adsby.bidtheatre.com
3 ib.adnxs.com 1 redirects adsby.bidtheatre.com
3 www.google.com www.rembrandtcasino.com
3 apis.google.com www.rembrandtcasino.com
apis.google.com
3 cdn.jsdelivr.net www.rembrandtcasino.com
cdn.jsdelivr.net
2 accounts.google.com apis.google.com
ssl.gstatic.com
2 track.adform.net 1 redirects
2 www.facebook.com
2 www.google.de
2 stats.g.doubleclick.net www.google-analytics.com
2 s.pinimg.com www.googletagmanager.com
s.pinimg.com
2 cm.adform.net adsby.bidtheatre.com
2 cm.g.doubleclick.net 2 redirects
2 simage2.pubmatic.com adsby.bidtheatre.com
2 pixel.rubiconproject.com
2 offpage.xyz 1 redirects storage.googleapis.com
1 ssl.gstatic.com accounts.google.com
1 vars.hotjar.com static.hotjar.com
1 static.trafficjunky.com storage.googleapis.com
1 script.hotjar.com static.hotjar.com
1 freegeoip.app cdn.jsdelivr.net
1 static.hotjar.com storage.googleapis.com
1 match.adsby.bidtheatre.com
1 ads.stickyadstv.com
1 www.gstatic.com www.google.com
1 www.googletagmanager.com storage.googleapis.com
1 fonts.googleapis.com www.rembrandtcasino.com
1 s2.adform.net www.rembrandtcasino.com
1 trafficgridmedia.go2cloud.org 1 redirects
1 www.k33clq-3.com 1 redirects
1 storage.googleapis.com
0 match.prod.bidr.io Failed
96 40
Subject Issuer Validity Valid
*.storage.googleapis.com
GTS CA 1O1
2021-08-23 -
2021-11-15
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2021-06-24 -
2022-06-23
a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-09-06 -
2022-10-07
a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2020
2021-04-30 -
2022-06-01
a year crt.sh
*.apis.google.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.bidtheatre.com
Go Daddy Secure Certificate Authority - G2
2020-12-17 -
2022-01-18
a year crt.sh
www.google.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
upload.video.google.com
GTS CA 1O1
2021-08-23 -
2021-11-15
3 months crt.sh
*.google-analytics.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.gstatic.com
GTS CA 1C3
2021-08-23 -
2021-11-15
3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2021-03-05 -
2022-02-19
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2021-03-30 -
2022-04-04
a year crt.sh
*.360yield.com
Amazon
2021-07-29 -
2022-08-27
a year crt.sh
*.search.spotxchange.com
GeoTrust RSA CA 2018
2021-04-08 -
2022-05-09
a year crt.sh
ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1
2020-11-13 -
2021-11-17
a year crt.sh
*.smartclip.net
Amazon
2021-01-29 -
2022-02-26
a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1
2020-12-07 -
2021-12-14
a year crt.sh
match.adsby.bidtheatre.com
Go Daddy Secure Certificate Authority - G2
2021-06-21 -
2022-07-23
a year crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1
2021-05-28 -
2022-06-15
a year crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1
2021-07-27 -
2022-08-05
a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2021-07-20 -
2021-10-18
3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3
2021-08-16 -
2021-11-08
3 months crt.sh
www.google.de
GTS CA 1C3
2021-08-16 -
2021-11-08
3 months crt.sh
*.hotjar.com
Amazon
2020-12-25 -
2022-01-23
a year crt.sh
*.de17a.com
Sectigo ECC Domain Validation Secure Server CA
2020-11-25 -
2021-12-25
a year crt.sh
*.trafficjunky.com
DigiCert SHA2 High Assurance Server CA
2020-10-15 -
2021-10-19
a year crt.sh
accounts.google.com
GTS CA 1C3
2021-08-16 -
2021-11-08
3 months crt.sh

This page contains 5 frames:

Primary Page: https://www.rembrandtcasino.com/en/register
Frame ID: 6B7E3541C7810D9806D94B88D4124498
Requests: 90 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Frame ID: C6157E927782CAD47A8F081275BE1234
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Frame ID: CEB65A20151F712E3164335245E913C5
Requests: 1 HTTP requests in this frame

Frame: https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%22%2C%22title%22%3A%22Register%20with%20Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World%22%2C%22trackingAccountId%22%3A%2217728%22%2C%22referrer%22%3A%22http%3A%2F%2Foffpage.xyz%2F%22%7D&callback=$d7_cb_2
Frame ID: 23612EEDD7D8E537EF5FC006CF702535
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: C08F307B34D7E3EE9BDFEF972F94B5B1
Requests: 3 HTTP requests in this frame

Screenshot

Page Title

Register with Rembrandt Casino | Probably the Best Casino in the World

Page URL History Show full URLs

  1. https://storage.googleapis.com/nbvcdfghytre/xiferptcslokd.html Page URL
  2. http://offpage.xyz/rd/c4680JvsoL3112079qCIS28017ocS1831Jket121 Page URL
  3. http://offpage.xyz/track/c4680JvsoL3112079qCIS28017ocS1831Jket121 HTTP 302
    https://www.k33clq-3.com/2CRWBRB44/2KTQH2G/?sub1=24&sub2=121-4680&sub3=3112079-28017-1831 HTTP 302
    https://trafficgridmedia.go2cloud.org/aff_c?offer_id=173&aff_id=1000&aff_click_id=ea0de91901b44172b06481a414e10bf9... HTTP 302
    https://www.rembrandtcasino.com/deep/player--register/mediaCode/textlink/affiliate/20651/transaction_id/1021... HTTP 307
    https://www.rembrandtcasino.com/en/deep/player--register/mediaCode/textlink/affiliate/20651/transaction_id/1... HTTP 302
    https://www.rembrandtcasino.com/register HTTP 307
    https://www.rembrandtcasino.com/en/register Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <(?:iframe|img)[^>]+adnxs\.(?:net|com)
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js

Overall confidence: 100%
Detected patterns
  • //static\.hotjar\.com/

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Overall confidence: 100%
Detected patterns
  • <link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
  • //cdn\.jsdelivr\.net/

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

96
Requests

97 %
HTTPS

45 %
IPv6

30
Domains

40
Subdomains

36
IPs

8
Countries

1922 kB
Transfer

4323 kB
Size

41
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://storage.googleapis.com/nbvcdfghytre/xiferptcslokd.html Page URL
  2. http://offpage.xyz/rd/c4680JvsoL3112079qCIS28017ocS1831Jket121 Page URL
  3. http://offpage.xyz/track/c4680JvsoL3112079qCIS28017ocS1831Jket121 HTTP 302
    https://www.k33clq-3.com/2CRWBRB44/2KTQH2G/?sub1=24&sub2=121-4680&sub3=3112079-28017-1831 HTTP 302
    https://trafficgridmedia.go2cloud.org/aff_c?offer_id=173&aff_id=1000&aff_click_id=ea0de91901b44172b06481a414e10bf9&aff_sub=670343&aff_sub2=24&aff_sub3=121-4680 HTTP 302
    https://www.rembrandtcasino.com/deep/player--register/mediaCode/textlink/affiliate/20651/transaction_id/102182fe9f8786a919d3eecc38131f HTTP 307
    https://www.rembrandtcasino.com/en/deep/player--register/mediaCode/textlink/affiliate/20651/transaction_id/102182fe9f8786a919d3eecc38131f HTTP 302
    https://www.rembrandtcasino.com/register HTTP 307
    https://www.rembrandtcasino.com/en/register Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34
  • https://ib.adnxs.com/setuid?entity=107&code=0d843e9a-e7d3-40fd-979f-357e351b9264&seg=1433491 HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D107%26code%3D0d843e9a-e7d3-40fd-979f-357e351b9264%26seg%3D1433491
Request Chain 36
  • https://ad.360yield.com/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=0d843e9a-e7d3-40fd-979f-357e351b9264 HTTP 302
  • https://ad.360yield.com/ul_cb/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=0d843e9a-e7d3-40fd-979f-357e351b9264
Request Chain 37
  • https://sync.search.spotxchange.com/partner?adv_id=8380&img=1&uid=0d843e9a-e7d3-40fd-979f-357e351b9264 HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8380&img=1&uid=0d843e9a-e7d3-40fd-979f-357e351b9264&__user_check__=1&sync_id=57d972fd-1188-11ec-9a4f-160292010106
Request Chain 39
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=0d843e9a-e7d3-40fd-979f-357e351b9264 HTTP 302
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=0d843e9a-e7d3-40fd-979f-357e351b9264&ang_testid=1
Request Chain 41
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm=&google_tc= HTTP 302
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEAa-rrJt0L-aZem6Uk9A_90&google_cver=1&google_ula=8233808,2
Request Chain 67
  • https://track.adform.net/Serving/TrackPoint/?pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=969622232373&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Foffpage.xyz%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister HTTP 302
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=969622232373&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Foffpage.xyz%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
Request Chain 81
  • https://ads.stickyadstv.com/user-registering?dataProviderId=191&userId=0d843e9a-e7d3-40fd-979f-357e351b9264 HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=68995528c4956af88a4fd5e325d8a4a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l281d_7005966918277245712 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=Njg5OTU1MjhjNDk1NmFmODhhNGZkNWUzMjVkOGE0YQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=Njg5OTU1MjhjNDk1NmFmODhhNGZkNWUzMjVkOGE0YQ==&gdpr=0&gdpr_consent=&google_tc= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=&google_error=3&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=eee7cd80-311b-466f-b07c-be31cce750c2 HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1179331125129668025 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/68995528c4956af88a4fd5e325d8a4a&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-AEZscuFE2oPYP.R7Gx9Z3FIvI52742ovx6u16Jrm~A HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=c036613a-31cc-4500-9c9b-50fe7ecc10fd&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8618911629037728404 HTTP 302
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_ HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=zqVXIsfu1MomCw5 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Request Chain 84
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm=&google_tc= HTTP 302
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_error=3
Request Chain 87
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1 HTTP 307
  • https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1

96 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
xiferptcslokd.html
storage.googleapis.com/nbvcdfghytre/
247 B
847 B
Document
General
Full URL
https://storage.googleapis.com/nbvcdfghytre/xiferptcslokd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

:method
GET
:authority
storage.googleapis.com
:scheme
https
:path
/nbvcdfghytre/xiferptcslokd.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

x-guploader-uploadid
ADPycdvq87A7g-MLIIhiIKESxU6qz2Hj91QMDvd-4rXE4by6EYMFNerAvyUXbBwRX5Ydz5UqWQV9rRu9Ym0JhR0VXgw
expires
Thu, 09 Sep 2021 17:01:05 GMT
date
Thu, 09 Sep 2021 16:01:05 GMT
last-modified
Tue, 20 Jul 2021 23:08:00 GMT
etag
"613827b2ff27db0a08797a65c1134f7b"
x-goog-generation
1626822480674459
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
247
content-type
text/html
x-goog-hash
crc32c=mq8AKw== md5=YTgnsv8n2woIeXplwRNPew==
x-goog-storage-class
STANDARD
accept-ranges
bytes
content-length
247
server
UploadServer
age
514
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
c4680JvsoL3112079qCIS28017ocS1831Jket121
offpage.xyz/rd/
235 B
352 B
Document
General
Full URL
http://offpage.xyz/rd/c4680JvsoL3112079qCIS28017ocS1831Jket121
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/nbvcdfghytre/xiferptcslokd.html
Protocol
HTTP/1.1
Server
94.102.4.214 , Turkey, ASN51559 (NETINTERNET Netinternet Bilisim Teknolojileri AS, TR),
Reverse DNS
static.94-102-4-214.clients2.mlbfan.org
Software
/
Resource Hash

Request headers

Host
offpage.xyz
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=utf-8
Date
Thu, 09 Sep 2021 16:09:40 GMT
Content-Length
235
Primary Request register
www.rembrandtcasino.com/en/
Redirect Chain
  • http://offpage.xyz/track/c4680JvsoL3112079qCIS28017ocS1831Jket121
  • https://www.k33clq-3.com/2CRWBRB44/2KTQH2G/?sub1=24&sub2=121-4680&sub3=3112079-28017-1831
  • https://trafficgridmedia.go2cloud.org/aff_c?offer_id=173&aff_id=1000&aff_click_id=ea0de91901b44172b06481a414e10bf9&aff_sub=670343&aff_sub2=24&aff_sub3=121-4680
  • https://www.rembrandtcasino.com/deep/player--register/mediaCode/textlink/affiliate/20651/transaction_id/102182fe9f8786a919d3eecc38131f
  • https://www.rembrandtcasino.com/en/deep/player--register/mediaCode/textlink/affiliate/20651/transaction_id/102182fe9f8786a919d3eecc38131f
  • https://www.rembrandtcasino.com/register
  • https://www.rembrandtcasino.com/en/register
38 KB
11 KB
Document
General
Full URL
https://www.rembrandtcasino.com/en/register
Requested by
Host: offpage.xyz
URL: http://offpage.xyz/rd/c4680JvsoL3112079qCIS28017ocS1831Jket121
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd918352908d83e454f6a7e1b59df4db1a89f38a62069b480463501e48230dfa
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://*.biahosted.com https://*.paymentiq.io https://*.safecharge.com
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:method
GET
:authority
www.rembrandtcasino.com
:scheme
https
:path
/en/register
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
http://offpage.xyz/
accept-encoding
gzip, deflate, br
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
http://offpage.xyz/rd/c4680JvsoL3112079qCIS28017ocS1831Jket121

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=16070400; includeSubDomains
set-cookie
lang=en; SameSite=None; Secure; path=/; domain=.rembrandtcasino.com visited=Yes; SameSite=None; Secure; expires=Tue, 08-Sep-2026 16:09:41 GMT; Max-Age=157680000; path=/; domain=.rembrandtcasino.com
vary
Accept-Encoding
x-ua-compatible
IE=edge
content-security-policy
frame-ancestors 'self' https://*.biahosted.com https://*.paymentiq.io https://*.safecharge.com
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5m4ZKwO534kQRuWz9FAioLC0fOTdByX8WjPjuI64PN60Ir7hfysHpvqvDdAL0V3ZrI9st86IUAzLwprCPuktE5YyACE8Ik4HWFWC2opZGH58FNLui0P0OVKJ1%2B%2FY8uRVVqQFh9EmOKSoT0lUsqrWAt5R21Sl"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c1aeb30bf605b7-FRA
content-encoding
br

Redirect headers

date
Thu, 09 Sep 2021 16:09:41 GMT
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
strict-transport-security
max-age=16070400; includeSubDomains
set-cookie
lang=en; SameSite=None; Secure; path=/; domain=.rembrandtcasino.com
location
/en/register
x-ua-compatible
IE=edge
content-security-policy
frame-ancestors 'self' https://*.biahosted.com https://*.paymentiq.io https://*.safecharge.com
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=naoGt6Q0F7ZjkgQWi%2BNFJFZ4vSjQqOSsg%2FKlEZeDIIZa78tTah4eMLc36MyeWxJw8znYPwzx8sV7RxRH6nvLGAw3fpm9Nl17KtjRlRf8AfVFhUxQcgqWUVinOjpMuiRT4iaZCCsIqo9653rGxldeAz8AhqFa"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68c1aeb24a7605b7-FRA
main.1631183224.css
www.rembrandtcasino.com/css/
765 KB
139 KB
Stylesheet
General
Full URL
https://www.rembrandtcasino.com/css/main.1631183224.css
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f0a4ac2f8478b7610d283e4e20a224e0508190e0ccf33915ae4cf58d838bab5
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/css/main.1631183224.css
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g28gfcKHVbFjqhlQi%2B705Srl2pV9hoR04DinEr4aLc5Wxm%2BOLPgXK%2BM%2FD8P1SnHF71pfg2gYPrqLEGMJAJhjTcdH1zqTE9EKP9MdtTLGQkvx9AvJGPH47vVnvERU43xZ9df%2FVMtUu144g06r5zAQN5ZqzZhL"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
public, max-age=14400
cf-ray
68c1aeb4cf3005b7-FRA
expires
Thu, 09 Sep 2021 20:09:41 GMT
live-chat.png
www.rembrandtcasino.com/images/
2 KB
3 KB
Image
General
Full URL
https://www.rembrandtcasino.com/images/live-chat.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3d1d2c131cc9a82532ee11da41c7d0e7315a277ec53d6b21b343a5de3142f0a
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/images/live-chat.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
cf-polished
origFmt=png, origSize=3913
content-disposition
inline; filename="live-chat.webp"
vary
Accept
content-length
2226
last-modified
Thu, 30 Apr 2020 12:56:22 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9cT5wFvOBGCK8kY9mrd125V1RJ6o%2F94Att%2BDoDHGWgMy8WYndr%2BwUiuoDAplFZVMIm8mPzeTuuF5IZjj2wXy6ZSY%2B5UZkYmF69giPw0dXmgUuWDfQMWD3Au34byRY6tGJGF3Rcide4KD%2Bpp5v%2B1Tq57nqWww"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 09 Sep 2021 20:09:41 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb4cf3305b7-FRA
cf-bgj
imgq:85,h2pri
logo.png
www.rembrandtcasino.com/assets/
13 KB
13 KB
Image
General
Full URL
https://www.rembrandtcasino.com/assets/logo.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9a20fa78246b8b2f0d8d168e33dd3860affa0fb2757a2fde2bd817bab5d495f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/logo.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
cf-polished
origFmt=png, origSize=13828
content-disposition
inline; filename="logo.webp"
vary
Accept
content-length
13296
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Odcsk18Me0omF9WIXmq03%2F%2BPIGFSFQ%2Bmno7vWWemuqQeFAluUWodVvItfKH%2BHQaKAZ2HZdJ%2BMqXkZHXtIu74N92AzWYDJNLvS4T7pr79ZkMThaoZckmI5wDxZHgZWtIsATpy9KwXTdUdqmR2cMLM4hZQTpdm"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 09 Sep 2021 20:09:41 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb4cf3e05b7-FRA
cf-bgj
imgq:85,h2pri
rem-trafficgrid-black-friday-mobile-318x147.png
www.rembrandtcasino.com/images/amkt/
20 KB
21 KB
Image
General
Full URL
https://www.rembrandtcasino.com/images/amkt/rem-trafficgrid-black-friday-mobile-318x147.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7318e85c2e4eac4452a9b28c83b63800d7781eaae08f92f6bb395a01c6e90bc9
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/images/amkt/rem-trafficgrid-black-friday-mobile-318x147.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=16070400; includeSubDomains
content-length
20684
last-modified
Fri, 06 Nov 2020 13:46:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FZ46KHzym0cFt30lTlcuyBfhVze0HvcY3XvUG4QGHq1KQoWtslxJBfMwY34LGdmHD%2FwJeR%2FC4AYY8T3GsaAez3QpLz2GX1E0v6W2G6pAH2p4lox4fiErNWqNBtNiUFqSqjzD07UeqLf5s8HorApDB8i0Rxrh"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb4cf4105b7-FRA
expires
Thu, 09 Sep 2021 20:09:41 GMT
rem-trafficgrid-black-friday-desktop-450x747.png
www.rembrandtcasino.com/images/amkt/
97 KB
98 KB
Image
General
Full URL
https://www.rembrandtcasino.com/images/amkt/rem-trafficgrid-black-friday-desktop-450x747.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a1da7c522191c27fc148db8450e1dd31b19d58f1b8fdd2b6364da9e18653f740
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/images/amkt/rem-trafficgrid-black-friday-desktop-450x747.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=16070400; includeSubDomains
content-length
99731
last-modified
Fri, 06 Nov 2020 13:46:43 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0WkWiZlqXjxaYa%2FbO0PZzpgEPKvddVsCJPOcpfx4fIF9wtLZZJOEdgkOyuZB8z1UCupcsrdS5IZB7xzHy4KRkqr1y%2BmLAvJFkLxmBr10CwXhwN1UbdZScagJsop4gm3X3qNdUsxDg3feBVdYfUAOpinNQ6K0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb4cf4205b7-FRA
expires
Thu, 09 Sep 2021 20:09:41 GMT
sticky-home.png
www.rembrandtcasino.com/assets/sticky-navigation/
186 B
647 B
Image
General
Full URL
https://www.rembrandtcasino.com/assets/sticky-navigation/sticky-home.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
377c94c47bf37aa0f6c2aeb49e684c5e08a20e056a01d05438772f24e87e62c1
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/sticky-navigation/sticky-home.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
cf-polished
origFmt=png, origSize=322
content-disposition
inline; filename="sticky-home.webp"
vary
Accept
content-length
186
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w85mheephJ2upbkX%2FAtoeZDezrMZy8OOvqLxuBDTTQE0reTTKiwZl6OJN7vavMgf7QteM0Rtz7mt5OkVfuwuqate01LM00B7lm2myBaWEn3b8%2BMNTMGegc07OwE0bu%2BGr8vuZNMY9KMmaG36JyvReRCVy3lE"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 09 Sep 2021 20:09:41 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb4cf4805b7-FRA
cf-bgj
imgq:85,h2pri
sticky-promotions.png
www.rembrandtcasino.com/assets/sticky-navigation/
338 B
687 B
Image
General
Full URL
https://www.rembrandtcasino.com/assets/sticky-navigation/sticky-promotions.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2125353aeb7048165c70a8e3ca03e07477d68e0fe9da5b212f0340cb0a1ecfb6
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/sticky-navigation/sticky-promotions.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
cf-polished
origFmt=png, origSize=506
content-disposition
inline; filename="sticky-promotions.webp"
vary
Accept
content-length
338
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zq0oSOGNglis2MWrV95IO%2Fy4g7gUoutpCOEomqwxsoVgfYggxB7cwWtXZGajbWOTJrdBdrfqARwn8%2FfxN9peEw7ziANoUUi8vbs%2FsyimEExqSyjx0fAMXjHrcd1K3XqOpNLxXJS3VPskh0pn0vvg1besDqtv"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 09 Sep 2021 20:09:41 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb4cf4a05b7-FRA
cf-bgj
imgq:85,h2pri
sticky-search.png
www.rembrandtcasino.com/assets/sticky-navigation/
284 B
657 B
Image
General
Full URL
https://www.rembrandtcasino.com/assets/sticky-navigation/sticky-search.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5635aaec368fd848af702de7c92589548ae4c60a141931b6d42b55f94c22ec79
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/sticky-navigation/sticky-search.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
cf-polished
origFmt=png, origSize=439
content-disposition
inline; filename="sticky-search.webp"
vary
Accept
content-length
284
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bwfC4Bm7cQHPRx4fsMge1XUt6oiXpF69NmJZjNd3qrlcsssNDMqg%2B2t20XZzjch4iNb7k40QZfjpuwqwzGiYhkhoJ5cG1Zn4OllnoezQr7qc09m5%2FHvBjpWVLiKCFQUz0xtx0OlymV%2FN42j8gqOBNhf%2BcOC4"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 09 Sep 2021 20:09:41 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb4cf4e05b7-FRA
cf-bgj
imgq:85,h2pri
sticky-support.png
www.rembrandtcasino.com/assets/sticky-navigation/
60 B
431 B
Image
General
Full URL
https://www.rembrandtcasino.com/assets/sticky-navigation/sticky-support.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46929d186132d652766af278d5e0c6da4c389c8a0d362fd9f9bb60301bcec40b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/sticky-navigation/sticky-support.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
cf-polished
origFmt=png, origSize=108
content-disposition
inline; filename="sticky-support.webp"
vary
Accept
content-length
60
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a%2BIyiiI0g2ACtePtxTvtPXRMIbY2gPNKrd050F5taQKuo5foTP8ks1Wu1lm1zN0OY9uqW%2FRLzAAbJZiSdbrc8qFvDL7nJRKGWlkzFI07v5DGl8OuywXbliGu2471Jd3%2BE6AsrcbQyQtZAYEg8pJlmwVKqbUt"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 09 Sep 2021 20:09:41 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb4cf5105b7-FRA
cf-bgj
imgq:85,h2pri
sticky-account.png
www.rembrandtcasino.com/assets/sticky-navigation/
156 B
625 B
Image
General
Full URL
https://www.rembrandtcasino.com/assets/sticky-navigation/sticky-account.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d6e1609d75a33b567eafb43d8f297315fd1c0a3f0876d55d06745697a017d7bd
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/sticky-navigation/sticky-account.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
cf-polished
origFmt=png, origSize=195
content-disposition
inline; filename="sticky-account.webp"
vary
Accept
content-length
156
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qNgNCT1%2BnF2Em6WEdPkNGG6qsxpKmGSRIPgoQeyLV230xIfqjcT7QbDhq4MxFNT40VqErfFoWrSnxSBYDvD3T7kFCLb1pl%2BWSY%2BPe4KWXoSIC%2Bq7PKCI2DmypF3ejJsQjYmqyVW7RDiQ3cRxzzwxepIZegy6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 09 Sep 2021 20:09:41 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb4cf5405b7-FRA
cf-bgj
imgq:85,h2pri
mga-logo.png
www.rembrandtcasino.com/assets/
3 KB
4 KB
Image
General
Full URL
https://www.rembrandtcasino.com/assets/mga-logo.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0268fcad810da536a3cf84e7697c0cc35765022ce9813314ec96c4578ade61fb
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/mga-logo.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
cf-polished
origFmt=png, origSize=4116
content-disposition
inline; filename="mga-logo.webp"
vary
Accept
content-length
3250
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U32mjgX231dIy4yDcBMN2vNW5%2FYqoiXwSlIBB77KtJscKUmN1atA2gqRoL9WimT19Dbxl94xyF3X%2BVcKQdpAug%2BTa6T%2BSZPgRs2jOZVVmQnmlHjDw6T6BQ0NH25CVLmeNic8x%2BdAcm9LMlA8I%2FHmtEdSMdlM"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 09 Sep 2021 20:09:41 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb4cf5805b7-FRA
cf-bgj
imgq:85,h2pri
rocket-loader.min.js
www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/
12 KB
4 KB
Script
General
Full URL
https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

:path
/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 07 Sep 2021 12:26:08 GMT
server
cloudflare
etag
W/"61375a60-302c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f7QutLY4gPQcoiPuxW6UjqbXEf0RCjXk2hib1L7GK4QXp0%2FwsybA3RZ7Wd1j89FFsCErI29tc6IUYfaAhIY3Pd05Ce9sNqYlXWQgnPpth2glr9Rfw3MBdMgJqM51Xm8DnpdRq%2Fl7yHypD6iH7lzIxXFhPsKC"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800 public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68c1aeb4cf5905b7-FRA
vary
Accept-Encoding
expires
Sat, 11 Sep 2021 16:09:41 GMT
trackpoint-sync.js
s2.adform.net/banners/scripts/st/
78 KB
28 KB
Script
General
Full URL
https://s2.adform.net/banners/scripts/st/trackpoint-sync.js
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.248 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
765110c2ed9df6800bace14e8a25e1eab733ff6b792266fbcbe3a34b6649da0b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
content-encoding
gzip
last-modified
Wed, 08 Sep 2021 09:57:16 GMT
server
nginx
etag
W/"613888fc-13729"
x-cache-status
HIT
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
application/x-javascript
app.1631183175086.js
www.rembrandtcasino.com/js/
159 KB
45 KB
Script
General
Full URL
https://www.rembrandtcasino.com/js/app.1631183175086.js
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4e2e3e4632b82427098b97dab6bcaf06f48e64995c05a36ed5b7bcd811400ec
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/js/app.1631183175086.js
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ISeW1ku7WCXtqFDsE6M3CnHKWwR91f1iPUZBtqSJfmVTk%2BUTT2TLy8fl%2BG%2FyrwmzSfdvv0poqSlIqXuXlJ94Z%2FTIGRCcXTzGH4v3X4syx0J4o0RdTBN4gejoYaNE14BxkFuicZHCIReleDP04wbbX1n5WEB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
68c1aeb4ef8f05b7-FRA
expires
Thu, 09 Sep 2021 20:09:41 GMT
vendor.1631183175086.js
www.rembrandtcasino.com/js/
352 KB
105 KB
Script
General
Full URL
https://www.rembrandtcasino.com/js/vendor.1631183175086.js
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c766bc0193a72b72a1c2b1d8d8704a221d50f23d0973d19e550eedc2df20740f
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/js/vendor.1631183175086.js
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
vary
Accept-Encoding
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FuxHfDy7ccRiXavENb6rqd31m2a7uxEy0vrLMKJW%2FZmglVWYY0pp8KpalORgIpD4KwGIx932mUYmefOTvON42JFsW0VntCCHjbYOhPo5xtQ2vSUtdkNKjnF9p5RxwpOze23tvkq73N1EnJfDt2Qm2w0J3CV8"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=14400
cf-ray
68c1aeb4ef9605b7-FRA
expires
Thu, 09 Sep 2021 20:09:41 GMT
cookiebar-latest.min.js
cdn.jsdelivr.net/npm/cookie-bar/
7 KB
3 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?forceLang=en&theme=flying&tracking=1&thirdparty=1&always=1&hideDetailsBtn=1&showPolicyLink=1&privacyPage=%2Fprivacy
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8d9e56ea137c84a417dfc43c2b05c93556ed6d01c7670c733d8cd74e9ff1c9be
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2566
x-jsd-version
1.9.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
2284
etag
W/"1bbd-yU/UFfPus6JR5XRBDSGjIs6rCTc"
x-served-by
cache-fra19179-FRA
x-jsd-version-type
version
date
Thu, 09 Sep 2021 16:09:41 GMT
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
api:client.js
apis.google.com/js/
12 KB
6 KB
Script
General
Full URL
https://apis.google.com/js/api:client.js
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:801::200e Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
911fcf59d6270af3430e336493a0f1e1df768a2629d2ba99e323f76bcce19d0c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Loo7vk/xnbj8mh+jGlLSEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
x-ua-compatible
IE=edge, chrome=1
server
ESF
x-frame-options
SAMEORIGIN
etag
"c944bbd16015cb08eeea4cdfcf750e74"
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
content-security-policy
script-src 'report-sample' 'nonce-Loo7vk/xnbj8mh+jGlLSEA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin
*
expires
Thu, 09 Sep 2021 16:09:47 GMT
asx_track.min.js
adsby.bidtheatre.com/js/
7 KB
2 KB
Script
General
Full URL
https://adsby.bidtheatre.com/js/asx_track.min.js
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7464584122eea6d02b01347b8f092b8a627793bd3270d71e92ed7c5a6544822e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:41 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 13:03:08 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
W/"7091-1631192588000-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2419200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=3000
Content-Length
1946
Expires
Thu, 07 Oct 2021 16:09:41 GMT
api.js
www.google.com/recaptcha/
850 B
991 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f6851d9ce8f7d3b11d1784de142969571cc8a1de4bb59e0f1259fab7d5f40dc4
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
557
x-xss-protection
1; mode=block
expires
Thu, 09 Sep 2021 16:09:41 GMT
css
fonts.googleapis.com/
6 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Muli:400,600,700,800|Raleway&display=swap
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1631183224.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef6445645697521de9ac94cbf59a33bf28c89c94164a8bfb7e93f4ce15d9bef5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 16:09:41 GMT
server
ESF
date
Thu, 09 Sep 2021 16:09:41 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Thu, 09 Sep 2021 16:09:41 GMT
rem-bg-login.png
www.rembrandtcasino.com/assets/soft-themes/
330 KB
331 KB
Image
General
Full URL
https://www.rembrandtcasino.com/assets/soft-themes/rem-bg-login.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8f35e3a1a897c2113f2b18c69caac27cc124912e43bd02e6339984cf48c14504
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/soft-themes/rem-bg-login.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9868
cf-polished
origFmt=png, origSize=393460
content-disposition
inline; filename="rem-bg-login.webp"
vary
Accept
content-length
338314
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=we4Ni9xi1HvNJQMaWwG%2Bb23h%2BbjZa%2BgJGx3h6GW6gpGv3htgesI8X4FEooVBhlb7mOxT%2FE7Cxzm2EPO1gKrjmZW0P3FcebqQ8g27K5NZexsLX25Jy000IUoRFDMwNo8dp0g4EpwddA75QEhsiApEDhchlBwf"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 09 Sep 2021 20:09:42 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb598ad05b7-FRA
cf-bgj
imgq:85,h2pri
sprites.1631183175086.png
www.rembrandtcasino.com/assets/
291 KB
291 KB
Image
General
Full URL
https://www.rembrandtcasino.com/assets/sprites.1631183175086.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1631183224.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
12b529b9c6b9a9a6d98693b4ef8d6978565f9cd682be172dffa12903c8ae1075
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/sprites.1631183175086.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/css/main.1631183224.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/css/main.1631183224.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9887
cf-polished
origFmt=png, origSize=471401
content-disposition
inline; filename="sprites.webp"
vary
Accept
content-length
297684
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RrfHeWaKUrke%2B3kZQryVBME8hmNtnz2CoSjDGIcxEzzkA6FFWx0VzBIuNGZBjkG%2FyYrQ6UqTJPdleWvvf%2ButJ2%2FV8GEMb5wu9SVEPQpKD%2BjhByEXCscKcwd%2Bzk%2BSlclvm%2FJ72ptttq5vOBegUvpzSS3ZMPqj"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 09 Sep 2021 20:09:42 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb598ae05b7-FRA
cf-bgj
imgq:85,h2pri
open-sans-v17-latin-regular.woff2
www.rembrandtcasino.com/css/fonts/OpenSans/
14 KB
14 KB
Font
General
Full URL
https://www.rembrandtcasino.com/css/fonts/OpenSans/open-sans-v17-latin-regular.woff2
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1631183224.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://www.rembrandtcasino.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
:path
/css/fonts/OpenSans/open-sans-v17-latin-regular.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/css/main.1631183224.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.rembrandtcasino.com/css/main.1631183224.css
Origin
https://www.rembrandtcasino.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
strict-transport-security
max-age=16070400; includeSubDomains
content-length
14380
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TKfInp41ZPjJQ0zzTZMuaRHL%2F6YOe%2FgSIPtV2mXzE7aNUV2Df35%2F4k0QpJpSQSZv%2FFwqbzGBmQ9vvlXlXuHf8wDuqFzO4J%2BIPZLC90stKNHGrCbOvK3S8yttOpTPMP0WqzszXnPwrtqvnyHgEiCcz%2FzTAnmW"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb5a8ca05b7-FRA
expires
Thu, 09 Sep 2021 20:09:42 GMT
lb_banner_register_1.png
www.rembrandtcasino.com/assets/banners/
196 B
196 B
Image
General
Full URL
https://www.rembrandtcasino.com/assets/banners/lb_banner_register_1.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/en/register
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains

Request headers

:path
/assets/banners/lb_banner_register_1.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/en/register
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/en/register
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
content-encoding
br
cf-cache-status
EXPIRED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FCVSLtXmBEvNRWqID7QvqTya6Elvxv%2BL3V%2BocyKHRlkJs2nhnC1G8C12mQRgusWXGm9qfm8bR5cYr%2F%2FKdk725hhnxLG3Lxf%2BqB5WRZ%2F0TEtp1JTQHWLRGiStl0dCHegKjLCo7YKbtcJfyTt9iva6vVgXQeVA"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=iso-8859-1
cache-control
public, max-age=14400
strict-transport-security
max-age=16070400; includeSubDomains
cf-ray
68c1aeb5a8d005b7-FRA
expires
Thu, 09 Sep 2021 20:09:42 GMT
responsible-gaming.png
www.rembrandtcasino.com/assets/
3 KB
3 KB
Image
General
Full URL
https://www.rembrandtcasino.com/assets/responsible-gaming.png
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1631183224.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df63145b5bab066ed79ebb0901f48ee2ad1e217dfbaa15280833dfd04061cb43
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/assets/responsible-gaming.png
pragma
no-cache
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/css/main.1631183224.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/css/main.1631183224.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9887
cf-polished
origFmt=png, origSize=4588
content-disposition
inline; filename="responsible-gaming.webp"
vary
Accept
content-length
2836
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=16070400; includeSubDomains
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xg9fACRsebdKS08JXJOGZqXWDZTYtvUfxZyWtzlb8TeSI%2FVHqoDU1O%2BR1d3ceV7dMHecunkBes0s%2B7fZrs8JLwola%2B%2Ff1tlQ2wVLznB6jBnYGJX9gEe3r0kc8kRCnNA9clolEryJe5m96WCsVzPWll5nWGR6"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
expires
Thu, 09 Sep 2021 20:09:42 GMT
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb5a8d805b7-FRA
cf-bgj
imgq:85,h2pri
fa-solid-900.woff2
www.rembrandtcasino.com/css/fonts/font-awesome/
78 KB
79 KB
Font
General
Full URL
https://www.rembrandtcasino.com/css/fonts/font-awesome/fa-solid-900.woff2
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1631183224.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://www.rembrandtcasino.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
:path
/css/fonts/font-awesome/fa-solid-900.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/css/main.1631183224.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.rembrandtcasino.com/css/main.1631183224.css
Origin
https://www.rembrandtcasino.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
strict-transport-security
max-age=16070400; includeSubDomains
content-length
80300
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u5dY48NWmM2D7yBpdvIr0YsjBHm9YXVj2oeX8N89s7HDkbA0%2FCkhYkJp2CLfJcUNwF44zztl%2B4SQuaLc%2Fi4kONeEkyITnomM6RLKvwMhv21hhkPfR3krrRIK7jkHrd%2FMxJFGeXRWGlSARpH4D6l3vFfBSpiz"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb5a8d905b7-FRA
expires
Thu, 09 Sep 2021 20:09:42 GMT
open-sans-v17-latin-600.woff2
www.rembrandtcasino.com/css/fonts/OpenSans/
15 KB
15 KB
Font
General
Full URL
https://www.rembrandtcasino.com/css/fonts/OpenSans/open-sans-v17-latin-600.woff2
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1631183224.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://www.rembrandtcasino.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
:path
/css/fonts/OpenSans/open-sans-v17-latin-600.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/css/main.1631183224.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.rembrandtcasino.com/css/main.1631183224.css
Origin
https://www.rembrandtcasino.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
8308
strict-transport-security
max-age=16070400; includeSubDomains
content-length
14880
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9vnkQi9zUBMydbYL14b5YN1bf0ZXKVcmZz6%2FaqfrHuC2vu425cLSJI1H8nixQ70iYXRxxm3zJNJjz5fhyLqtUTRpeqU0uUkjyISksZdtZOOnYPbzrvRYQb1aSx%2BYZcLS0EcxLu4O%2FTCGm5hJf1fY%2BlrbfAP1"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb5a8dc05b7-FRA
expires
Thu, 09 Sep 2021 20:09:42 GMT
open-sans-v17-latin-700.woff2
www.rembrandtcasino.com/css/fonts/OpenSans/
15 KB
15 KB
Font
General
Full URL
https://www.rembrandtcasino.com/css/fonts/OpenSans/open-sans-v17-latin-700.woff2
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/css/main.1631183224.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:4f1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
Security Headers
Name Value
Strict-Transport-Security max-age=16070400; includeSubDomains
X-Content-Type-Options nosniff

Request headers

sec-fetch-mode
cors
origin
https://www.rembrandtcasino.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
font
cookie
PHPSESSID=jmduv6j9duae528bao8au2o08i; lang=en; api-reporting-cookie=eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE; visited=Yes; affiliate_code=20651; transaction_id=102182fe9f8786a919d3eecc38131f; media_code=textlink; postback_token=eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
:path
/css/fonts/OpenSans/open-sans-v17-latin-700.woff2
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.rembrandtcasino.com
referer
https://www.rembrandtcasino.com/css/main.1631183224.css
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.rembrandtcasino.com/css/main.1631183224.css
Origin
https://www.rembrandtcasino.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9886
strict-transport-security
max-age=16070400; includeSubDomains
content-length
15056
last-modified
Thu, 09 Sep 2021 10:27:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpG%2F3Zu3IsPQzePu1nvtv0qFejhbTAehl2EmvE9t4EYp4lV%2F8vQrh%2BBpVw%2FpK%2B%2B9tIpySWAwEr4CP6huYpnp3yKbd6u22IxVlCBhe1a10JeY70p9G%2BSADCyrEeHvJ5CRxQqSVQ3vQgr7QEQhcS%2F%2Fu60R5ZIu"}],"group":"cf-nel","max_age":604800}
content-type
application/font-woff2
cache-control
public, max-age=14400
accept-ranges
bytes
cf-ray
68c1aeb5a8de05b7-FRA
expires
Thu, 09 Sep 2021 20:09:42 GMT
gtm.js
www.googletagmanager.com/
162 KB
59 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M8C5L3P
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/nbvcdfghytre/xiferptcslokd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b993157a30c068ca1817648edef902e6bd547d04a7bb3d563b84fb3c057da77e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
59741
x-xss-protection
0
last-modified
Thu, 09 Sep 2021 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 09 Sep 2021 16:09:42 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/
343 KB
135 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/wxAi4AKLXL2kBAvXqI4XLSWS/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.rembrandtcasino.com/
Origin
https://www.rembrandtcasino.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:07:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
137529
x-xss-protection
0
last-modified
Mon, 30 Aug 2021 17:56:35 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 09 Sep 2022 16:07:43 GMT
checkpoint
adsby.bidtheatre.com/
4 KB
4 KB
Script
General
Full URL
https://adsby.bidtheatre.com/checkpoint?c=7487&rnd=473242965&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_track.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
78cf4aceb1c414ab57710748dc6573c5bbe153bb165b7f9b2acb307d7e238da9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:42 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Content-Type
text/javascript;charset=ISO-8859-1
Keep-Alive
timeout=5, max=2999
Content-Length
3672
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
asx_analytics.min.js
adsby.bidtheatre.com/js/
4 KB
2 KB
Script
General
Full URL
https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/checkpoint?c=7487&rnd=473242965&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5d7c59e9ad66d6b979cc94b727c5c07b1f746dd380bcddf62784b527a18bbb80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:42 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 13:03:06 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
W/"4296-1631192586000-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2419200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=2998
Content-Length
1690
Expires
Thu, 07 Oct 2021 16:09:42 GMT
bounce
ib.adnxs.com/
Redirect Chain
  • https://ib.adnxs.com/setuid?entity=107&code=0d843e9a-e7d3-40fd-979f-357e351b9264&seg=1433491
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D107%26code%3D0d843e9a-e7d3-40fd-979f-357e351b9264%26seg%3D1433491
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D107%26code%3D0d843e9a-e7d3-40fd-979f-357e351b9264%26seg%3D1433491
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Sep 2021 16:09:42 GMT
X-Proxy-Origin
91.199.118.79; 91.199.118.79; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
bc92451b-7911-46c8-8efa-b56ee7e54430
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 09 Sep 2021 16:09:42 GMT
X-Proxy-Origin
91.199.118.79; 91.199.118.79; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
ec68d8bd-8bc6-4003-a45c-8ee3812f1fba
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D107%26code%3D0d843e9a-e7d3-40fd-979f-357e351b9264%26seg%3D1433491
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&put=0d843e9a-e7d3-40fd-979f-357e351b9264
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
match
ad.360yield.com/ul_cb/
Redirect Chain
  • https://ad.360yield.com/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=0d843e9a-e7d3-40fd-979f-357e351b9264
  • https://ad.360yield.com/ul_cb/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=0d843e9a-e7d3-40fd-979f-357e351b9264
43 B
442 B
Image
General
Full URL
https://ad.360yield.com/ul_cb/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=0d843e9a-e7d3-40fd-979f-357e351b9264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.92.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-92-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Sep 2021 16:09:42 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=0d843e9a-e7d3-40fd-979f-357e351b9264
date
Thu, 09 Sep 2021 16:09:42 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
partner
sync.search.spotxchange.com/
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8380&img=1&uid=0d843e9a-e7d3-40fd-979f-357e351b9264
  • https://sync.search.spotxchange.com/partner?adv_id=8380&img=1&uid=0d843e9a-e7d3-40fd-979f-357e351b9264&__user_check__=1&sync_id=57d972fd-1188-11ec-9a4f-160292010106
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=8380&img=1&uid=0d843e9a-e7d3-40fd-979f-357e351b9264&__user_check__=1&sync_id=57d972fd-1188-11ec-9a4f-160292010106
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:42 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
13
Connection
keep-alive
Content-Length
43

Redirect headers

Date
Thu, 09 Sep 2021 16:09:42 GMT
Server
nginx
Location
/partner?adv_id=8380&img=1&uid=0d843e9a-e7d3-40fd-979f-357e351b9264&__user_check__=1&sync_id=57d972fd-1188-11ec-9a4f-160292010106
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
text/plain
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
135
Connection
keep-alive
Content-Length
0
user-registering
ads.stickyadstv.com/
43 B
731 B
Image
General
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=191&userId=0d843e9a-e7d3-40fd-979f-357e351b9264
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Sep 2021 16:09:42 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1631203782683094-352
Expires
Thu, 09 Sep 2021 16:09:42 GMT
sync
ad.sxp.smartclip.net/
Redirect Chain
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=0d843e9a-e7d3-40fd-979f-357e351b9264
  • https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=0d843e9a-e7d3-40fd-979f-357e351b9264&ang_testid=1
42 B
804 B
Image
General
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=0d843e9a-e7d3-40fd-979f-357e351b9264&ang_testid=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.165.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-165-29.eu-west-1.compute.amazonaws.com
Software
nginx/1.17.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:42 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

Redirect headers

Location
https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=0d843e9a-e7d3-40fd-979f-357e351b9264&ang_testid=1
Date
Thu, 09 Sep 2021 16:09:42 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.17.6
Connection
keep-alive
Content-Length
0
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pug
simage2.pubmatic.com/AdServer/
42 B
568 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MjAxNjA=&gdpr=0&gdpr_consent=&piggybackCookie=0d843e9a-e7d3-40fd-979f-357e351b9264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:436
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
adxcookie
match.adsby.bidtheatre.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm=&google_tc=
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEAa-rrJt0L-aZem6Uk9A_90&google_cver=1&google_ula=8233808,2
43 B
462 B
Image
General
Full URL
https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEAa-rrJt0L-aZem6Uk9A_90&google_cver=1&google_ula=8233808,2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.62.202.251 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:43 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Content-Type
image/gif
Keep-Alive
timeout=5, max=3000
Content-Length
43
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

Redirect headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:09:43 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEAa-rrJt0L-aZem6Uk9A_90&google_cver=1&google_ula=8233808,2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
331
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.adform.net/
43 B
163 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0d843e9a-e7d3-40fd-979f-357e351b9264
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
last-modified
Wed, 20 Jul 2016 08:18:17 GMT
server
nginx
accept-ranges
bytes
etag
"578f33c9-2b"
content-length
43
content-type
image/gif
advanalytics
adsby.bidtheatre.com/
0
288 B
Script
General
Full URL
https://adsby.bidtheatre.com/advanalytics?s=f57f40b465625c1e7e313fb7c6f43553&c=7487&cl=0&rnd=785346892
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:42 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=5, max=2997
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
analytics.js
www.google-analytics.com/
48 KB
20 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8C5L3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4965
date
Thu, 09 Sep 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 09 Sep 2021 16:46:57 GMT
core.js
s.pinimg.com/ct/
1 KB
1 KB
Script
General
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8C5L3P
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:42 GMT
fastly-restarts
1
x-cdn
fastly
etag
"d281f5ef4add283680ff41edc6dd28c4"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=7200
content-length
1142
access-control-expose-headers
X-CDN
fbevents.js
connect.facebook.net/en_US/
99 KB
26 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/nbvcdfghytre/xiferptcslokd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25999
x-xss-protection
0
pragma
public
x-fb-debug
fgvqEi1mRsxlYU97Y0k4qI5qfRVzw7bfP2OIqJmTuHZMfv8R8Dtt8Y3BwbzrVfyk71STYhEEtFrqcahQpm4sjw==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Thu, 09 Sep 2021 16:09:42 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
www.google-analytics.com/j/
2 B
213 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=505579663&t=event&ni=0&_s=1&dl=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister&dr=http%3A%2F%2Foffpage.xyz%2F&ul=en-us&de=UTF-8&dt=Register%20with%20Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Affiliate%20Tracking&ea=Open&el=20651&_u=YEBAAEABAAAAAC~&jid=2095545108&gjid=1546731133&cid=1063687129.1631203783&tid=UA-82757551-1&_gid=1720765088.1631203783&_r=1&gtm=2wg910M8C5L3P&cd1=20651&cd3=textlink&z=1863876256
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rembrandtcasino.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:09:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rembrandtcasino.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
730010297732901
connect.facebook.net/signals/config/
306 KB
88 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/730010297732901?v=2.9.45&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
159ff47521dd3ce533c5391f8682ce109fab556824bc6943809c2416cb004189
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
h/ZRbl0FeVQBIbV04bL7t2bH67uSQGPi830Ax7UDoouGs/9gtLoAG5ZK9BeTDYzr4d8S/X5Tefn3889R0oc3Hg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Thu, 09 Sep 2021 16:09:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
4 B
469 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-82757551-1&cid=1063687129.1631203783&jid=2095545108&gjid=1546731133&_gid=1720765088.1631203783&_u=YEBAAEAAAAAAAC~&z=9092161
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rembrandtcasino.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 09 Sep 2021 16:09:43 GMT
content-type
text/plain
access-control-allow-origin
https://www.rembrandtcasino.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
main.89cd5bf4.js
s.pinimg.com/ct/lib/
49 KB
17 KB
Script
General
Full URL
https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:54::84 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:43 GMT
content-encoding
gzip
fastly-restarts
1
x-cdn
fastly
etag
"6deee3ea7ecc4a5d9687c1bd57018c16"
vary
Accept-Encoding, Origin
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
max-age=1209600
content-length
17418
access-control-expose-headers
X-CDN
/
ct.pinterest.com/user/
492 B
835 B
XHR
General
Full URL
https://ct.pinterest.com/user/?tid=2613030039972&pd=%7B%22np%22%3A%22gtm%22%7D&cb=1631203783030
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.48.37 , Netherlands, ASN33905 (AKAMAI-AMS, NL),
Reverse DNS
a2-18-48-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
15d45fecc69fc7bb124a89ac1a7baed0ced324dd70fcaaa8c827a8ede2bac133
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:43 GMT
content-encoding
gzip
vary
Accept-Encoding
x-cdn
akamai
akamai-grn
0.59841402.1631203783.397bc2c7
x-envoy-upstream-service-time
0
x-pinterest-rid
1299368529849689
pin-unauth
dWlkPU1tVTVPRE15TUdZdE1XVTNaaTAwTURVM0xUazJaVFF0TldZeU1UYzNZVE15T1RabQ
access-control-allow-origin
https://www.rembrandtcasino.com
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
application/json; charset=utf-8
pragma
no-cache
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
content-length
347
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/
35 B
334 B
Image
General
Full URL
https://ct.pinterest.com/v3/?tid=2613030039972&pd=%7B%22np%22%3A%22gtm%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%22%2C%22ref%22%3A%22http%3A%2F%2Foffpage.xyz%2F%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2289cd5bf4%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1631203783030
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.48.37 , Netherlands, ASN33905 (AKAMAI-AMS, NL),
Reverse DNS
a2-18-48-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:09:43 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.59841402.1631203783.397bc2c9
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
2
content-length
35
x-pinterest-rid
1827442738919193
expires
Sat, 01 Jan 2000 00:00:00 GMT
ga-audiences
www.google.com/ads/
42 B
296 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-82757551-1&cid=1063687129.1631203783&jid=2095545108&_u=YEBAAEAAAAAAAC~&z=1526978063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:09:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
522 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-82757551-1&cid=1063687129.1631203783&jid=2095545108&_u=YEBAAEAAAAAAAC~&z=1526978063
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:09:43 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ct.pinterest.com/md/
0
275 B
XHR
General
Full URL
https://ct.pinterest.com/md/
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.89cd5bf4.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.48.37 , Netherlands, ASN33905 (AKAMAI-AMS, NL),
Reverse DNS
a2-18-48-37.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://www.rembrandtcasino.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:09:43 GMT
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.59841402.1631203783.397bc2dd
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
x-pinterest-rid
1452197471664155
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/
44 B
313 B
Image
General
Full URL
https://www.facebook.com/tr/?id=730010297732901&ev=PageView&dl=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister&rl=http%3A%2F%2Foffpage.xyz%2F&if=false&ts=1631203783924&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1631203783921.1707646585&it=1631203782994&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 09 Sep 2021 16:09:44 GMT
/
www.facebook.com/tr/
44 B
101 B
Image
General
Full URL
https://www.facebook.com/tr/?id=730010297732901&ev=Microdata&dl=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister&rl=http%3A%2F%2Foffpage.xyz%2F&if=false&ts=1631203784429&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Register%20with%20Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World%22%2C%22meta%3Adescription%22%3A%22Rembrandt%20Casino%20Offers%20a%20Welcome%20Bonus%20of%20100%25%20up%20to%20%E2%82%AC200.%20Weekly%20Promotions%2C%20Casino%20Bonuses%20%26%20Free%20Spins%20Inside.%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22RembrandtCasino%22%2C%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2F%22%2C%22og%3Atitle%22%3A%22Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World%22%2C%22og%3Adescription%22%3A%22Rembrandt%20has%20the%20sheer%20excellence%20of%20Online%20Casino%20and%20Video%20Slots.%20Welcome%20Bonus%20of%20100%25%20up%20to%20%E2%82%AC200%20to%20enjoy%20on%20Slots%20or%20Live%20Casino.%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fwww.rembrandtcasino.com%2Fassets%2Fmain%2Fbrand-logo.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%22300%22%2C%22og%3Aimage%3Aheight%22%3A%22300%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.45&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1631203783921.1707646585&it=1631203782994&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Thu, 09 Sep 2021 16:09:44 GMT
advanalytics
adsby.bidtheatre.com/
0
288 B
Script
General
Full URL
https://adsby.bidtheatre.com/advanalytics?s=f57f40b465625c1e7e313fb7c6f43553&c=7487&cl=0&rnd=378943826
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:44 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=5, max=2996
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
advanalytics
adsby.bidtheatre.com/
0
288 B
Script
General
Full URL
https://adsby.bidtheatre.com/advanalytics?s=f57f40b465625c1e7e313fb7c6f43553&c=7487&cl=0&rnd=972236314
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:46 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=5, max=2995
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
cb=gapi.loaded_0
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/
313 KB
106 KB
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:801::200e Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b89bb651692e73dc3347c90af5dab24942237d4d5e7475d1e91e707f8fbfec5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Mon, 06 Sep 2021 18:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
252531
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
108745
x-xss-protection
0
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 06 Sep 2022 18:00:56 GMT
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/nbvcdfghytre/xiferptcslokd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
4970
date
Thu, 09 Sep 2021 14:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Thu, 09 Sep 2021 16:46:57 GMT
collect
www.google-analytics.com/j/
4 B
71 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=505579663&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister&dr=http%3A%2F%2Foffpage.xyz%2F&ul=en-us&de=UTF-8&dt=Register%20with%20Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=1024846968&gjid=1024047866&cid=1063687129.1631203783&tid=UA-82757551-1&_gid=1720765088.1631203783&_r=1&_slc=1&z=170828983
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rembrandtcasino.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:09:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.rembrandtcasino.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
hotjar-1239133.js
static.hotjar.com/c/
5 KB
2 KB
Script
General
Full URL
https://static.hotjar.com/c/hotjar-1239133.js?sv=6
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/nbvcdfghytre/xiferptcslokd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-76.fra2.r.cloudfront.net
Software
/
Resource Hash
8b3dc31e395caf7b255cfbec1519f594267aec77598f3af4c109342c980ab734
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:16 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
age
31
etag
W/c0bc1feb11873d2d5c9565e9fb43eb8e
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
cec6VMpzW2GORsIsGqSjNeaYfe2WHG9aHzQXYJ9b2wocez28sXL1lQ==
via
1.1 06d36e78e8dfd9468327f09115761a9e.cloudfront.net (CloudFront)
collect
stats.g.doubleclick.net/j/
4 B
70 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-82757551-1&cid=1063687129.1631203783&jid=1024846968&gjid=1024047866&_gid=1720765088.1631203783&_u=aEDAAEABAAAAAC~&z=409986609
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4025:401::9d Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.rembrandtcasino.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 09 Sep 2021 16:09:47 GMT
content-type
text/plain
access-control-allow-origin
https://www.rembrandtcasino.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
sdk.js
connect.facebook.net/en_GB/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/sdk.js
Requested by
Host: www.rembrandtcasino.com
URL: https://www.rembrandtcasino.com/js/app.1631183175086.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2d94cc8c0bba0ced89647048165c1f155618780b6d2d949ce4e7980eac2ed18f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
/8AStBAujeikCptmWOJGFQ==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
n9w9r6XvbHYEd+FtjHjlD7c1xm2h3fOO4p1bXjqzzj/TFkFqeD5tYcWBjWo3JOUidwSilShiaD6XMcOh+wq/Gg==
x-fb-trip-id
917726464
x-fb-content-md5
54ff5e5afd0d33a83a3c33a84df775d9
x-frame-options
DENY
date
Thu, 09 Sep 2021 16:09:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"d9ae5d6f7d975428769f330b4006cea6"
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 Sep 2021 16:12:59 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/
62 B
342 B
Script
General
Full URL
https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=auth2/exm=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_1
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/api:client.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400a:801::200e Zurich, Switzerland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Fri, 03 Sep 2021 19:40:32 GMT
vary
Origin
last-modified
Mon, 23 Aug 2021 18:17:31 GMT
server
sffe
x-content-type-options
nosniff
age
505755
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62
x-xss-protection
0
expires
Sat, 03 Sep 2022 19:40:32 GMT
/
track.adform.net/Serving/TrackPoint/
Redirect Chain
  • https://track.adform.net/Serving/TrackPoint/?pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=969622232373&Set1=...
  • https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=969622232373&...
171 B
632 B
Script
General
Full URL
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=969622232373&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Foffpage.xyz%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
566b050c3e11dfc2b5e888ee29f3648ebf2bcfa3def82d7146216b549b8094e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:09:47 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
226
expires
-1

Redirect headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:09:47 GMT
server
nginx
location
https://track.adform.net/Serving/TrackPoint/?CC=1&pm=2238486&ADFPageName=https%3A%2F%2Fwww.rembrandtcasino.com%7CGeneral%20%20%7CRetargeting%20RB%7CRetargeting%20RB&ADFdivider=%7C&ord=969622232373&Set1=en-US%7Cen-US%7C1600x1200%7C24&CPref=http%3A%2F%2Foffpage.xyz%2F&ADFtpmode=2&loc=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
strict-transport-security
max-age=31536000; includeSubDomains
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/html; charset=utf-8
expires
-1
/
freegeoip.app/json/
230 B
880 B
XHR
General
Full URL
https://freegeoip.app/json/
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?forceLang=en&theme=flying&tracking=1&thirdparty=1&always=1&hideDetailsBtn=1&showPolicyLink=1&privacyPage=%2Fprivacy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:13c8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64e6f4d16592aa0d6ec998b1fc4bb5e544848acd67dfc476e11f4647cc6b700f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:47 GMT
content-encoding
br
vary
Origin
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-database-date
Wed, 25 Aug 2021 10:15:20 GMT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-ratelimit-remaining
14998
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvCwIUucJkvJ9Pmg0nhV8odi4eowdaMVz%2BiQnUe1IiLZuOh7oIXMGWv7n7ZwWqkqYQmAZGX7ZnitPLUZly0skO9r5BMxz%2BAWCx2LruDalae1X%2FauLZ7q4KU74BHqZGbJ8R91eCPAC3ama2FO"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.rembrandtcasino.com
access-control-allow-credentials
true
x-ratelimit-reset
3573
x-ratelimit-limit
15000
cf-ray
68c1aed56f964dee-FRA
d7.js
tb.de17a.com/
17 KB
6 KB
Script
General
Full URL
https://tb.de17a.com/d7.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/nbvcdfghytre/xiferptcslokd.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 -, , ASN (),
Reverse DNS
Software
nginx/1.10.1 /
Resource Hash
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:47 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 11:59:00 GMT
server
nginx/1.10.1
etag
W/"D1P1tEdAz5YD1P0zH16XaI--gzip"
vary
Accept-Encoding, User-Agent
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
cache-control
must-revalidate, private
content-type
application/javascript
content-length
6265
asx_track.min.js
adsby.bidtheatre.com/js/
7 KB
2 KB
Script
General
Full URL
https://adsby.bidtheatre.com/js/asx_track.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8C5L3P
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7464584122eea6d02b01347b8f092b8a627793bd3270d71e92ed7c5a6544822e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Sep 2021 13:03:08 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
W/"7091-1631192588000-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=2419200
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=2994
Content-Length
1946
Expires
Thu, 07 Oct 2021 16:09:47 GMT
sdk.js
connect.facebook.net/en_GB/
227 KB
67 KB
Script
General
Full URL
https://connect.facebook.net/en_GB/sdk.js?hash=f5ff096b4d67d05a4d8e4ff876784220
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5bc1579740c7f4cea9f43d4cbef6b5bbed2a779a22f163fa5040d0e8b9bbe055
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.rembrandtcasino.com/
Origin
https://www.rembrandtcasino.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
e6vinMZaFu9ZnF40prusYw==
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68289
x-fb-rlafr
0
x-fb-debug
aygHgZJewHjLEbo7D324cRVgr0fuFC5OFKAb/lO1AnErQa31VY5xD4FPafzMXSdsHmdI4X0e6XB8k9aH3FAAHQ==
x-fb-trip-id
917726464
x-fb-content-md5
f5466a2096c64c2cd32e1c7b546b0b50
x-frame-options
DENY
date
Thu, 09 Sep 2021 16:09:47 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"a46958cdca79d498159c9b8d4a8a4ec8"
timing-allow-origin
*
expires
Fri, 09 Sep 2022 13:51:32 GMT
modules.5fe2f4f38cf4833026a9.js
script.hotjar.com/
221 KB
59 KB
Script
General
Full URL
https://script.hotjar.com/modules.5fe2f4f38cf4833026a9.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1239133.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-38.fra2.r.cloudfront.net
Software
/
Resource Hash
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 07:15:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
32081
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59626
access-control-allow-origin
*
last-modified
Thu, 09 Sep 2021 07:14:26 GMT
etag
"e8c5ca8d148a212696c04c37e713b2a1"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 96283be49fd5bce30b3a0e9559bd2d9e.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
_9CWDS_36YUtOBjdxiC0xDNY3jVmUzISY8ubPLPiH7_8ZrRNxcsT2A==
checkpoint
adsby.bidtheatre.com/
4 KB
4 KB
Script
General
Full URL
https://adsby.bidtheatre.com/checkpoint?c=7061&rnd=262403619&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_track.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ff0efc45d448457b47187fb2782cdec358b1327a56585daadcfe1cfa3d3c820f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:47 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Content-Type
text/javascript;charset=ISO-8859-1
Keep-Alive
timeout=5, max=2993
Content-Length
3672
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
mp.min.js
static.trafficjunky.com/js/
8 KB
3 KB
Script
General
Full URL
https://static.trafficjunky.com/js/mp.min.js
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/nbvcdfghytre/xiferptcslokd.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
205.185.208.79 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
241198efe801d8fa8cd2715098d2128005bda91fae87dced9ffdd4172a5c6fb2

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:47 GMT
content-encoding
gzip
last-modified
Tue, 15 May 2018 18:46:56 GMT
etag
"1526410016"
x-hw
1631203787.dop158.fr8.t,1631203787.cds205.fr8.hn,1631203787.cds248.fr8.c
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
3139
cookiebar-flying.min.css
cdn.jsdelivr.net/npm/cookie-bar/themes/
5 KB
1 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/cookie-bar/themes/cookiebar-flying.min.css
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?forceLang=en&theme=flying&tracking=1&thirdparty=1&always=1&hideDetailsBtn=1&showPolicyLink=1&privacyPage=%2Fprivacy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d07d1c56b4d065242ead4e55abc7ffca25bf17aafb4ef9353883a93af18065ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2562
x-jsd-version
1.9.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1340
etag
W/"14b8-cZ+WTMLcka+c9Yi43BiRw9i4PwY"
x-served-by
cache-fra19179-FRA
x-jsd-version-type
version
date
Thu, 09 Sep 2021 16:09:47 GMT
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
en.html
cdn.jsdelivr.net/npm/cookie-bar/lang/
5 KB
2 KB
XHR
General
Full URL
https://cdn.jsdelivr.net/npm/cookie-bar/lang/en.html
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?forceLang=en&theme=flying&tracking=1&thirdparty=1&always=1&hideDetailsBtn=1&showPolicyLink=1&privacyPage=%2Fprivacy
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
66e9b1c3624b6efb5d7de67a90722c0372eb4dbc88c280f1659499d62ec38420
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
age
2568
x-jsd-version
1.9.0
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
1436
etag
W/"12c8-4eTFZlsMuFJppSKXuv1aIEondNk"
x-served-by
cache-fra19130-FRA
x-jsd-version-type
version
date
Thu, 09 Sep 2021 16:09:47 GMT
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
box-dfc01efbdc94bb0936d9a35a502b0b64.html
vars.hotjar.com/ Frame C615
2 KB
1 KB
Document
General
Full URL
https://vars.hotjar.com/box-dfc01efbdc94bb0936d9a35a502b0b64.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1239133.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.9 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-dfc01efbdc94bb0936d9a35a502b0b64.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rembrandtcasino.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/

Response headers

content-type
text/html
content-length
1044
date
Tue, 20 Jul 2021 13:05:05 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"10714b84569172431728622d7c8098e4"
last-modified
Tue, 20 Jul 2021 13:04:43 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d16428714e022976873ccc980fdc1289.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
x-amz-cf-id
am7b13zXDms1ve1Fd0QCyf0ueduhv74lgrTLPaTlxWXSvsJW2mWTiA==
age
4417482
setuid
ib.adnxs.com/
43 B
1014 B
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=107&code=0d843e9a-e7d3-40fd-979f-357e351b9264&seg=1433491
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/checkpoint?c=7061&rnd=262403619&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 09 Sep 2021 16:09:47 GMT
X-Proxy-Origin
91.199.118.79; 91.199.118.79; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
720e5023-e68f-4302-9ace-fb8a392534f9
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
ad.360yield.com/
43 B
443 B
Image
General
Full URL
https://ad.360yield.com/match?dsp_callback=1&publisher_dsp_id=69&gdpr=0&gdpr_consent=&external_user_id=0d843e9a-e7d3-40fd-979f-357e351b9264
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/checkpoint?c=7061&rnd=262403619&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.92.12 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-92-12.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 09 Sep 2021 16:09:47 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
partner
sync.search.spotxchange.com/
43 B
548 B
Image
General
Full URL
https://sync.search.spotxchange.com/partner?adv_id=8380&img=1&uid=0d843e9a-e7d3-40fd-979f-357e351b9264
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/checkpoint?c=7061&rnd=262403619&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:47 GMT
Server
nginx
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials
false
X-fe
58
Connection
keep-alive
Content-Length
43
stv
match.prod.bidr.io/cookie-sync/
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=191&userId=0d843e9a-e7d3-40fd-979f-357e351b9264
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=68995528c4956af88a4fd5e325d8a4a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=l281d_7005966918277245712
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=Njg5OTU1MjhjNDk1NmFmODhhNGZkNWUzMjVkOGE0YQ==&gdpr=0&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_hm=Njg5OTU1MjhjNDk1NmFmODhhNGZkNWUzMjVkOGE0YQ==&gdpr=0&gdpr_consent=&google_tc=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=&google_error=3&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=eee7cd80-311b-466f-b07c-be31cce750c2
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=1179331125129668025
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/68995528c4956af88a4fd5e325d8a4a&gdpr=0&gdpr_consent=?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-AEZscuFE2oPYP.R7Gx9Z3FIvI52742ovx6u16Jrm~A
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=c036613a-31cc-4500-9c9b-50fe7ecc10fd&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=8618911629037728404
  • https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
  • https://ads.stickyadstv.com/user-registering?dataProviderId=593&userId=zqVXIsfu1MomCw5
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
0
0

sync
ad.sxp.smartclip.net/
42 B
804 B
Image
General
Full URL
https://ad.sxp.smartclip.net/sync?type=host&dsp=44&dspuuid=0d843e9a-e7d3-40fd-979f-357e351b9264
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/checkpoint?c=7061&rnd=262403619&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.165.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-165-29.eu-west-1.compute.amazonaws.com
Software
nginx/1.17.6 /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:47 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.17.6
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
P3P
CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pug
simage2.pubmatic.com/AdServer/
42 B
415 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MjAxNjA=&gdpr=0&gdpr_consent=&piggybackCookie=0d843e9a-e7d3-40fd-979f-357e351b9264
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/checkpoint?c=7061&rnd=262403619&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:47 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:553
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
adxcookie
match.adsby.bidtheatre.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm
  • https://cm.g.doubleclick.net/pixel?google_nid=bt&google_ula=8233808&google_cm=&google_tc=
  • https://match.adsby.bidtheatre.com/adxcookie?id=&google_error=3
0
0

pixel
cm.adform.net/
43 B
162 B
Image
General
Full URL
https://cm.adform.net/pixel?adform_pid=18&adform_pc=0d843e9a-e7d3-40fd-979f-357e351b9264
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/checkpoint?c=7061&rnd=262403619&output=javascript&ref=https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:47 GMT
last-modified
Wed, 20 Jul 2016 08:18:17 GMT
server
nginx
accept-ranges
bytes
etag
"578f33c9-2b"
content-length
43
content-type
image/gif
tap.php
pixel.rubiconproject.com/
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=17039&nid=2650&days=30&put=0d843e9a-e7d3-40fd-979f-357e351b9264
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
8f052d4f888ae4e0626c5f819879cacd
Content-Type
image/gif
getUid;c
tb.de17a.com/api/ Frame CEB6
Redirect Chain
  • https://tb.de17a.com/api/getUid?data=%7B%7D&callback=$d7_cb_1
  • https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
61 B
214 B
Script
General
Full URL
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 -, , ASN (),
Reverse DNS
Software
nginx/1.10.1 /
Resource Hash
da8d42ab0615d1a93811c216c6eb85d607b65c71714f6efa56b1e7f55b597b85

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:47 GMT
server
nginx/1.10.1
content-type
application/json
content-length
61
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"

Redirect headers

location
https://tb.de17a.com/api/getUid;c?data=%7B%7D&callback=$d7_cb_1
date
Thu, 09 Sep 2021 16:09:47 GMT
server
nginx/1.10.1
content-length
0
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
pageView
tb.de17a.com/api/ Frame 2361
2 KB
2 KB
Script
General
Full URL
https://tb.de17a.com/api/pageView?data=%7B%22action%22%3A%22pageView%22%2C%22pageId%22%3A%22YOUR_PAGE_ID%22%2C%22url%22%3A%22https%3A%2F%2Fwww.rembrandtcasino.com%2Fen%2Fregister%22%2C%22title%22%3A%22Register%20with%20Rembrandt%20Casino%20%7C%20Probably%20the%20Best%20Casino%20in%20the%20World%22%2C%22trackingAccountId%22%3A%2217728%22%2C%22referrer%22%3A%22http%3A%2F%2Foffpage.xyz%2F%22%7D&callback=$d7_cb_2
Requested by
Host: tb.de17a.com
URL: https://tb.de17a.com/d7.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
213.155.156.188 -, , ASN (),
Reverse DNS
Software
nginx/1.10.1 /
Resource Hash
8ef8ddcbf995f47d9cfaad5392f603e1eefe2c8245583ff43a02b758cd45e3d4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:47 GMT
server
nginx/1.10.1
content-type
application/json
content-length
1969
p3p
CP="NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV"
iframe
accounts.google.com/o/oauth2/ Frame C08F
513 B
925 B
Document
General
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.de.soliK2B9LKA.O/m=client/rt=j/sv=1/d=1/ed=1/am=AQ/rs=AGLTcCP_VSmeyDlYE1vxFyfmddhL6RM9dw/cb=gapi.loaded_0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200d -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
2eb325f01120387482d53a8b6f128b623e46e0b9d489e3bee9690aea412e1606
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-B0r/LeZVFLZqkvb92DCzCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
accounts.google.com
:scheme
https
:path
/o/oauth2/iframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.rembrandtcasino.com/
accept-encoding
gzip, deflate, br
cookie
NID=223=JqLWyHyBCvzvlcfL9vzif7iQOFRP51bHcp_HXyEAQ73d2keNVhByCuEtS5KmcUibKwvpb3vD0-QcgWHElpXDFnJwwZeizZgCtDl2CNCyi6zTQtG73UY3gHiAF1Ay6tm5YDJXe6gSMJ3fcTv23i9ncx-7Swz01f653_1R5AqmERU
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/

Response headers

content-type
text/html; charset=utf-8
cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Thu, 09 Sep 2021 16:09:47 GMT
content-language
en-US
content-security-policy
script-src 'report-sample' 'nonce-B0r/LeZVFLZqkvb92DCzCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding
gzip
server
ESF
x-xss-protection
0
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ga-audiences
www.google.com/ads/
42 B
107 B
Image
General
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-82757551-1&cid=1063687129.1631203783&jid=1024846968&_u=aEDAAEABAAAAAC~&z=773158679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:09:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/
42 B
107 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-82757551-1&cid=1063687129.1631203783&jid=1024846968&_u=aEDAAEABAAAAAC~&z=773158679
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 09 Sep 2021 16:09:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
advanalytics
adsby.bidtheatre.com/
0
288 B
Script
General
Full URL
https://adsby.bidtheatre.com/advanalytics?s=07533ae30a7ff1a33043723cfbfa4d8e&c=7061&cl=0&rnd=760350003
Requested by
Host: adsby.bidtheatre.com
URL: https://adsby.bidtheatre.com/js/asx_analytics.min.js?ver=A33923C452
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
174.138.107.223 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.rembrandtcasino.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Thu, 09 Sep 2021 16:09:47 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Content-Type
text/javascript
Keep-Alive
timeout=5, max=2992
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
4172457829-idpiframe.js
ssl.gstatic.com/accounts/o/ Frame C08F
116 KB
40 KB
Script
General
Full URL
https://ssl.gstatic.com/accounts/o/4172457829-idpiframe.js
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
7b7e6f2bcc8414315f6758234e5c93075673eab353d4f50161a386cefb352704
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Tue, 07 Sep 2021 01:18:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
226290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/federated-signon-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
40512
x-xss-protection
0
last-modified
Fri, 27 Aug 2021 00:29:47 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 07 Sep 2022 01:18:17 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame C08F
14 B
172 B
XHR
General
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fwww.rembrandtcasino.com&client_id=402038084873-1o1s8472q3kq9tg19ijltmltoh87tpuk.apps.googleusercontent.com
Requested by
Host: ssl.gstatic.com
URL: https://ssl.gstatic.com/accounts/o/4172457829-idpiframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200d -, , ASN (),
Reverse DNS
Software
ESF /
Resource Hash
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Thu, 09 Sep 2021 16:09:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
content-type
application/json; charset=utf-8
cache-control
public, max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
expires
Thu, 09 Sep 2021 17:09:48 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Domain
match.adsby.bidtheatre.com
URL
https://match.adsby.bidtheatre.com/adxcookie?id=&google_error=3

Verdicts & Comments Add Verdict or Comment

262 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| __cfQR object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| $jscomp object| asxtrack function| topFunction string| DETECTED_COUNTRY_CODE string| DETECTED_LOOKUP_COUNTRY_CODE string| DETECTED_IP string| DETECTED_CURRENCY string| PAYMENT_STATUS_ERROR string| PAYMENT_STATUS_SUCCESS string| PAYMENT_STATUS_CANCELED string| PAYMENT_STATUS_PENDING string| PAYMENT_STATUS_PROCESSING string| PAYMENT_PROVIDER_PAYMENTIQ_NAME string| PAYMENT_PROVIDER_EMPCORP_NAME string| PAYMENT_PROVIDER_HEXOPAY_NAME number| IS_USER_LOGGED string| TRANSLATION_ALERT string| TRANSLATION_PLEASE_WAIT string| TRANSLATION_BACK string| TRANSLATION_THANKS_NOTIFICATION_BODY string| TRANSLATION_CLOSE string| TRANSLATION_REGISTER_FACEBOOK_SUCCESS string| TRANSLATION_REGISTER_GOOGLE_SUCCESS string| TRANSLATION_REGISTER_TWITTER_SUCCESS string| TRANSLATION_REGISTER_CONFIRM string| TRANSLATION_GAME_LOADING string| TRANSLATION_GAME_ONE_MOMENT string| TRANSLATION_GAME_RELEASE_FUNDS string| TRANSLATION_VIEW_EPRO_WALLET string| TRANSLATION_FILL_IN_AMOUNT_FIRST string| TRANSLATION_BONUS_MINIMUM_AMOUNT string| TRANSLATION_BONUS_MAXIMUM_AMOUNT string| TRANSLATION_PERSONAL_DATA string| TRANSLATION_CONFIRM_PERSONAL_DATA string| TRANSLATION_MINIMUM_AMOUNT string| TRANSLATION_DEPOSIT string| TRANSLATION_DEPOSIT_FEEDBACK_SKIP string| TRANSLATION_SMS_CODE_MISSING string| TRANSLATION_SMS_SENDING string| TRANSLATION_BONUS_NOT_ACTIVE_TITLE string| TRANSLATION_BONUS_NOT_ACTIVE_BODY_AMOUNT string| TRANSLATION_BONUS_NOT_ACTIVE_BODY string| TRANSLATION_TAKE_WELCOME_BONUS_BODY string| TRANSLATION_TAKE_WELCOME_BONUS_TITLE string| TRANSLATION_TAKE_WELCOME_BONUS_ACCEPT string| TRANSLATION_TAKE_WELCOME_BONUS_DENY string| TRANSLATION_CASHTOCODE_PRICEPOINT_TITLE string| TRANSLATION_CASHTOCODE_PRICEPOINT_BODY string| TRANSLATION_CASHTOCODE_NO_PRICEPOINT object| REGISTRATION_TRANSLATIONS string| BRAND number| DOB_YEAR object| DOB_DEFAULT_DATE string| REQUEST_URI string| APPLICATION_ENV boolean| IS_MOBILE string| LANGUAGE boolean| IN_IFRAME string| SOCIAL_GOOGLE_CLIENT_ID string| SOCIAL_FACEBOOK_APP_ID string| SOCIAL_FACEBOOK_APP_VERSION string| APPLE_SIGNIN_CLIENT_ID string| APPLE_REDIRECT_URI string| LIVE_CHAT_BASE_URL string| LIVE_CHAT_URL string| LIVE_CHAT_TITLE boolean| LIVE_CHAT_IS_ONLINE string| LIVE_CHAT_OFFLINE string| TRANSLATION_ALL_PROVIDERS string| TRANSLATION_MIN_LENGTH_FIRST_NAME object| img1 object| base1 object| img2 object| base2 object| img3 object| base3 object| img4 object| base4 object| img5 object| base5 object| img6 object| base6 object| img7 object| base7 object| img8 object| base8 object| img9 object| base9 object| asxanalytics object| recaptcha function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| pintrk function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData object| gapi object| ___jsl function| setupCookieBar object| CookieLanguages object| cookieLawStates function| hj object| _hjSettings function| _typeof boolean| windowIsDefined function| DateFormatter function| $ function| jQuery boolean| IE object| Wilq32 function| LazyLoad function| Slider function| Spinner object| Ladda function| isFunction function| numberOr0 function| convertToFloat function| generateUniqueId function| getElementUniqueId function| testFunctionSpeed function| sprintf function| animateScrollToElement function| getUrlParameterByName function| debugConsoleLogHelper function| loadingOverlayHelper function| ajaxCallHelper function| bootstrapFormHelper function| toggleChevron function| send function| initFacebookLogin function| gameCategoryClick function| gameLinksClickErrorHandler function| gameLinksClickHandler function| update_time function| showProviderDropdown function| handleProviders function| handleGamesSlider function| getGameCollectionFromUrl function| getProviderFromSelect function| handleGamesSliderPerProvider function| generateProvidersOptions function| getProvidersList function| openLiveChat function| logoutCheck function| closeModal function| textModifier function| openReleaseFundsDialog function| testIt function| scrollFunction function| twitterFillMissingFields function| updateTwitterURL function| setTwitterResponse function| animateWheel function| presetTheWheel function| animatePointer function| rotateWheel object| condorModules object| Survey object| settingsModule function| genericResponseMessageHandler function| genericLogMessageHandler object| ajaxSenderModule object| appleSignInModule object| $bonusPageBtns object| withdrawalIframe object| quickWithdrawalModal object| confirmFormContainer function| moveWithArrows object| flashWarningBox object| gameArea object| fullScreenButton function| handleGameLinkOpening object| gameLinks object| gameContent object| gameCloseModal object| releaseFundsRequest function| exitGame undefined| d undefined| time object| gamesContainer undefined| navContainer undefined| navTabs undefined| collectionsContainer undefined| collectionsForPurging object| GapiEvent function| TrackDeposit object| inSitePushMessageModule function| Jackpot number| logout_check_counter undefined| playerLimitModule object| $iframe undefined| playngoEngageClient undefined| quickDepositModule undefined| Payop undefined| Hexopay undefined| nuveiHelper undefined| reality_check_seconds object| realityCheckModal undefined| checkRealityCheck undefined| realityCheckActionButtonsAvailability undefined| realityCheckConfirmHandler object| releaseFundsModal boolean| CARD_IS_CLOSED boolean| IS_LOSE object| scratchModal object| affiliateElement object| twitterPanel object| webPushMessageModule undefined| currentRotation undefined| rotationChange undefined| piece object| dragscroll function| fbAsyncInit object| lazyload_option object| lazyload object| Adform object| KJUR object| adf boolean| __cfRLUnblockHandlers string| path string| section object| _d7 object| FB object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules object| mpevt object| promptContent object| thirdparty object| tracking object| customize object| buttonCustomize object| buttonSaveCustomized object| customizeBlock object| customizeTracking object| customizeThirdParty object| scrolling object| privacyPage object| privacyLink object| mainBarPrivacyLink object| _mpevt function| mpAnalytics function| EtappTracker boolean| K function| La

41 Cookies

Domain/Path Name / Value
www.k33clq-3.com/ Name: uniqueClick_2KTQH2G
Value: 9e0e6ddf-0156-47fc-8b41-a5bc1b14f864:1631203780
www.k33clq-3.com/ Name: transaction_id
Value: ea0de91901b44172b06481a414e10bf9
trafficgridmedia.go2cloud.org/ Name: enc_aff_session_173
Value: ENC035d0a90e4b6523aa06814027c195a8fea551e730f25edf50a2cfc4d0126fd7c26a4023ad0d61d4926bcd49ac08fc15a073e0050e9521be75c056d48b76f404cd9209ffa034f46329ef3af2c6c2f4112a144ad6059b251e90201fa4bd050057daac323dd8faae98abdfed64797fba4fac46acb3ca5f4a4436fcf67f124751b64251138a7cc0d3c021b0cf6010c4a168ecb2146abc1d25c1b79cb9cb048b70dd46876338524e8855cf7921b6aa281c64f63a8c472619c04adf0601e928bb2d537f80611a9bf
trafficgridmedia.go2cloud.org/ Name: ho_mob
Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5Mi4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85Mi4wLjQ1MTUuMTU5IFNhZmFyaS81MzcuMzYiLCJhY2NlcHRfbGFuZ3VhZ2UiOiJkZS1ERSxkZTtxPTAuOSIsImNvbm5lY3Rpb25fc3BlZWQiOiJicm9hZGJhbmQifQ==
.rembrandtcasino.com/ Name: PHPSESSID
Value: jmduv6j9duae528bao8au2o08i
.rembrandtcasino.com/ Name: lang
Value: en
.www.rembrandtcasino.com/ Name: api-reporting-cookie
Value: eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.eyJpYXQiOjE2MzEyMDM3ODEsImV4cCI6MTYzMTIwNzM4MSwidXNlcm5hbWUiOiJjb25kb3ItZnJvbnQtb2ZmaWNlIiwiYnJhbmQiOiJyZW1icmFuZHQiLCJyb2xlcyI6WyJVc2VyIl19.ivNsZzDyV_6rQ-ZPc5WdAUqf8TpUlzDRY3f9lBfd9dVW-rMLxem8LEQ6EqPXuRZD_7Lrmw2QArX_42xRqgpnDRO-jHMuKbYH5PXBfZ0qE4yLJ9u6XmzYeKtu6KYu2hA6YhHUZ-TMWxr2drjfn1gs0RN3it0NoUrVS7IYpkz-PHFZXQUdRNdfYc3NO9K5oqO3mV1xRQEE-2g2UJRrSSDT1TKDnQ4FtvwibH6lM1bRG7k4kCGA9ntwYrtuhjZPnvD7MCJtVZXEn96MFJq_o_chW4PdEczMBsMqmUm7rZAd-pOVeAwao5FlJO7GKczWTp6g-vyn4EyQR9UnTMVhVzVMbdeD2FlumWfgshGckTXmLEUQzZWybLIkmfj2Q0cs72eh3Rg_l3agMryMm9wW7V7VkJ0AOOtSYs1lUsTkSCQdXmIgDPzWFbwNW968Qacu-E9qgiXTszTICQfVXYtvqiJlDC5_0gkNlbbcAsNjhlNtGK2T8gV_vYnmuriNS0rZqPd2ZSG0MSMLmyuvSdjrtp3N_08kFZoUcz3jUYzZMnt-ZOMqhL6IbhXntYXefIlUP1DrOtXbGbhF9lglnBlCAWxQ4y9Hf0Tnt3uEhLVTpkBxhV118lUYSy3ctbrsiUN6Z7ryhJuUVLhDOh7KA9VBkgbnRj8OYY-8tejj4QC34jdgcSE
.rembrandtcasino.com/ Name: visited
Value: Yes
.rembrandtcasino.com/ Name: affiliate_code
Value: 20651
.rembrandtcasino.com/ Name: transaction_id
Value: 102182fe9f8786a919d3eecc38131f
.rembrandtcasino.com/ Name: media_code
Value: textlink
.rembrandtcasino.com/ Name: postback_token
Value: eyJ0cmFuc2FjdGlvbl9pZCI6IjEwMjE4MmZlOWY4Nzg2YTkxOWQzZWVjYzM4MTMxZiJ9
.360yield.com/ Name: tuuid
Value: e77c8ab2-2936-4052-8149-c6ea721577f9
.360yield.com/ Name: tuuid_lu
Value: 1631203782
.pubmatic.com/ Name: KRTBCOOKIE_650
Value: 12226-0d843e9a-e7d3-40fd-979f-357e351b9264&KRTB&23232-0d843e9a-e7d3-40fd-979f-357e351b9264
.pubmatic.com/ Name: PUBMDCID
Value: 3
ads.stickyadstv.com/ Name: UID
Value: 68995528c4956af88a4fd5e325d8a4a
ads.stickyadstv.com/ Name: uid-bp-687
Value: 0d843e9a-e7d3-40fd-979f-357e351b9264
ads.stickyadstv.com/ Name: sessionId
Value: 7cb2271ab1acc24d8048d5627aefecb9
.adnxs.com/ Name: uuid2
Value: 1179331125129668025
.spotxchange.com/ Name: audience
Value: 57d972ca-1188-11ec-9a4f-160292010106
.sxp.smartclip.net/ Name: uuid
Value: 14e74376-a2e4-4f8b-a9fe-03112c105efd
.sxp.smartclip.net/ Name: dspuuid
Value: 44.0d843e9a-e7d3-40fd-979f-357e351b9264
.sxp.smartclip.net/ Name: psyn
Value: 18879.44
.rembrandtcasino.com/ Name: _ga
Value: GA1.2.1063687129.1631203783
.rembrandtcasino.com/ Name: _gid
Value: GA1.2.1720765088.1631203783
.rembrandtcasino.com/ Name: _gat_UA-82757551-1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUlsGsQdwm4pKVNkXXul9a9OZZqxCD3lfkh1FeDezsPYynSZvD-Mw8RuNbftQ-s
.rembrandtcasino.com/ Name: _pin_unauth
Value: dWlkPU1tVTVPRE15TUdZdE1XVTNaaTAwTURVM0xUazJaVFF0TldZeU1UYzNZVE15T1RabQ
.rembrandtcasino.com/ Name: _fbp
Value: fb.1.1631203783921.1707646585
.google.com/ Name: NID
Value: 223=JqLWyHyBCvzvlcfL9vzif7iQOFRP51bHcp_HXyEAQ73d2keNVhByCuEtS5KmcUibKwvpb3vD0-QcgWHElpXDFnJwwZeizZgCtDl2CNCyi6zTQtG73UY3gHiAF1Ay6tm5YDJXe6gSMJ3fcTv23i9ncx-7Swz01f653_1R5AqmERU
.rembrandtcasino.com/ Name: _gat
Value: 1
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 8618911629037728404
.adsby.bidtheatre.com/ Name: __kuid
Value: 0d843e9a-e7d3-40fd-979f-357e351b9264.400417787
.rembrandtcasino.com/ Name: _hjid
Value: c6b333ed-4a9c-45c8-8cc3-a07c59526774
.rembrandtcasino.com/ Name: _hjFirstSeen
Value: 1
.360yield.com/ Name: um
Value: !69,sh-pKFjgQJ.TeQMySiBg6z0n41jhq.n4u3lEw0BVTbu8xcPz3-8UnkLDpe3gsXNDxEg=,1638979787
.360yield.com/ Name: umeh
Value: !69,0,1693411787,-1
.pubmatic.com/ Name: PugT
Value: 1631203787
.adnxs.com/ Name: anj
Value: dTM7k!M4.FEVNsVF']wIg2HaOw<Q91!A#Fu.TSz-nz7a[-ldfQQQ9s/[g'tF[i3O/^+/KNQU[jiE]bi/[LpQO[J>xiSiZ)Eq/TK@ki'G=*f=kW*g0D(ccGua

6 Console Messages

Source Level URL
Text
network error URL: https://www.rembrandtcasino.com/assets/banners/lb_banner_register_1.png
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: https://www.rembrandtcasino.com/en/register
Message:
The resource https://s2.adform.net/banners/scripts/st/trackpoint-sync.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.rembrandtcasino.com/en/register
Message:
The resource https://www.rembrandtcasino.com/js/app.1631183175086.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.rembrandtcasino.com/en/register
Message:
The resource https://cdn.jsdelivr.net/npm/cookie-bar/cookiebar-latest.min.js?forceLang=en&theme=flying&tracking=1&thirdparty=1&always=1&hideDetailsBtn=1&showPolicyLink=1&privacyPage=%2Fprivacy was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
javascript warning URL: https://www.rembrandtcasino.com/en/register
Message:
The resource https://www.rembrandtcasino.com/js/vendor.1631183175086.js was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.
network error URL: https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
Message:
Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
ad.360yield.com
ad.sxp.smartclip.net
ads.stickyadstv.com
adsby.bidtheatre.com
apis.google.com
cdn.jsdelivr.net
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
ct.pinterest.com
fonts.googleapis.com
freegeoip.app
ib.adnxs.com
match.adsby.bidtheatre.com
match.prod.bidr.io
offpage.xyz
pixel.rubiconproject.com
s.pinimg.com
s2.adform.net
script.hotjar.com
simage2.pubmatic.com
ssl.gstatic.com
static.hotjar.com
static.trafficjunky.com
stats.g.doubleclick.net
storage.googleapis.com
sync.search.spotxchange.com
tb.de17a.com
track.adform.net
trafficgridmedia.go2cloud.org
vars.hotjar.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.k33clq-3.com
www.rembrandtcasino.com
match.adsby.bidtheatre.com
match.prod.bidr.io
13.224.193.38
13.225.87.76
142.250.201.194
143.204.207.9
174.138.107.223
178.62.202.251
18.192.92.12
185.33.220.240
185.64.190.80
185.94.180.126
2.18.48.37
2.21.142.210
205.185.208.79
213.155.156.188
2606:4700:20::681a:4f1
2606:4700:3036::6815:13c8
2a00:1450:4001:800::2010
2a00:1450:4001:810::200a
2a00:1450:4001:810::200e
2a00:1450:4001:811::2003
2a00:1450:4001:812::200d
2a00:1450:4001:827::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2003
2a00:1450:400a:801::200e
2a00:1450:400d:80a::2004
2a00:1450:4025:401::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:54::84
2a04:4e42:600::485
34.117.99.21
37.157.2.248
37.157.4.39
52.210.174.128
52.215.165.29
69.173.144.139
94.102.4.214
0268fcad810da536a3cf84e7697c0cc35765022ce9813314ec96c4578ade61fb
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12b529b9c6b9a9a6d98693b4ef8d6978565f9cd682be172dffa12903c8ae1075
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
159ff47521dd3ce533c5391f8682ce109fab556824bc6943809c2416cb004189
15d45fecc69fc7bb124a89ac1a7baed0ced324dd70fcaaa8c827a8ede2bac133
2125353aeb7048165c70a8e3ca03e07477d68e0fe9da5b212f0340cb0a1ecfb6
241198efe801d8fa8cd2715098d2128005bda91fae87dced9ffdd4172a5c6fb2
27095d13a9c6e755cb20dc225c60d419aaea91a9ec240b842527daea5c98a3ba
2d94cc8c0bba0ced89647048165c1f155618780b6d2d949ce4e7980eac2ed18f
2eb325f01120387482d53a8b6f128b623e46e0b9d489e3bee9690aea412e1606
335b59e615135313a66319e641cdad6ac3489a600e04d4181c859699bed4babe
33d18bfaad19367135cba7d9096fba55164cd67b8e5819617c6d6b34bd43454b
377c94c47bf37aa0f6c2aeb49e684c5e08a20e056a01d05438772f24e87e62c1
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
3d37b170affddaaa2a6489a82bab8df4e72c56a65b069991ea9084643d477d58
46929d186132d652766af278d5e0c6da4c389c8a0d362fd9f9bb60301bcec40b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5635aaec368fd848af702de7c92589548ae4c60a141931b6d42b55f94c22ec79
566b050c3e11dfc2b5e888ee29f3648ebf2bcfa3def82d7146216b549b8094e3
5bc1579740c7f4cea9f43d4cbef6b5bbed2a779a22f163fa5040d0e8b9bbe055
5d7c59e9ad66d6b979cc94b727c5c07b1f746dd380bcddf62784b527a18bbb80
64e6f4d16592aa0d6ec998b1fc4bb5e544848acd67dfc476e11f4647cc6b700f
66e9b1c3624b6efb5d7de67a90722c0372eb4dbc88c280f1659499d62ec38420
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
718a91b67003bfe60ec1514ba4621bd3d8833a22e3fb5c6e581604aab159cf7a
7318e85c2e4eac4452a9b28c83b63800d7781eaae08f92f6bb395a01c6e90bc9
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
7464584122eea6d02b01347b8f092b8a627793bd3270d71e92ed7c5a6544822e
765110c2ed9df6800bace14e8a25e1eab733ff6b792266fbcbe3a34b6649da0b
78cf4aceb1c414ab57710748dc6573c5bbe153bb165b7f9b2acb307d7e238da9
7b7e6f2bcc8414315f6758234e5c93075673eab353d4f50161a386cefb352704
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88ca677c14d4217c2f6b8c8964a1d172027974c4c0839e4d531ad7d3d6de1987
8b3dc31e395caf7b255cfbec1519f594267aec77598f3af4c109342c980ab734
8d9e56ea137c84a417dfc43c2b05c93556ed6d01c7670c733d8cd74e9ff1c9be
8daf09a6fc31937457dd77e9c25ce4b21349d605b561a8c5d557841bf964c9a0
8ef8ddcbf995f47d9cfaad5392f603e1eefe2c8245583ff43a02b758cd45e3d4
8f0a4ac2f8478b7610d283e4e20a224e0508190e0ccf33915ae4cf58d838bab5
8f35e3a1a897c2113f2b18c69caac27cc124912e43bd02e6339984cf48c14504
911fcf59d6270af3430e336493a0f1e1df768a2629d2ba99e323f76bcce19d0c
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1da7c522191c27fc148db8450e1dd31b19d58f1b8fdd2b6364da9e18653f740
a4e2e3e4632b82427098b97dab6bcaf06f48e64995c05a36ed5b7bcd811400ec
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b89bb651692e73dc3347c90af5dab24942237d4d5e7475d1e91e707f8fbfec5c
b993157a30c068ca1817648edef902e6bd547d04a7bb3d563b84fb3c057da77e
c766bc0193a72b72a1c2b1d8d8704a221d50f23d0973d19e550eedc2df20740f
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce23bdc14eb22eecad91cef112ea740ebd6928a8cdef11362d1d5b25320bd5d4
d07d1c56b4d065242ead4e55abc7ffca25bf17aafb4ef9353883a93af18065ce
d3d1d2c131cc9a82532ee11da41c7d0e7315a277ec53d6b21b343a5de3142f0a
d6e1609d75a33b567eafb43d8f297315fd1c0a3f0876d55d06745697a017d7bd
da8d42ab0615d1a93811c216c6eb85d607b65c71714f6efa56b1e7f55b597b85
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df63145b5bab066ed79ebb0901f48ee2ad1e217dfbaa15280833dfd04061cb43
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e9a20fa78246b8b2f0d8d168e33dd3860affa0fb2757a2fde2bd817bab5d495f
eb0b072c78ba88e87b07c39c22f9bef724ea89f29f2a195ec4ab33b3bc75797d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6445645697521de9ac94cbf59a33bf28c89c94164a8bfb7e93f4ce15d9bef5
f6851d9ce8f7d3b11d1784de142969571cc8a1de4bb59e0f1259fab7d5f40dc4
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fd918352908d83e454f6a7e1b59df4db1a89f38a62069b480463501e48230dfa
ff0efc45d448457b47187fb2782cdec358b1327a56585daadcfe1cfa3d3c820f