urlscan.io logo urlscan.io
SecurityTrails logo

www.32red.com Open in urlscan Pro
104.17.116.43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.32red.com/
Effective URL: https://www.32red.com/
Submission: On February 28 via manual from PH
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 24 IPs in 8 countries across 22 domains to perform 52 HTTP transactions. The main IP is 104.17.116.43, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.32red.com.
TLS certificate: Issued by Trustwave Organization Validation SHA... on November 6th 2019. Valid for: 2 years.
This is the only time www.32red.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 15 104.17.116.43 13335 (CLOUDFLAR...)
2 217.10.139.203 6908 (DATAHOP D...)
3 2a00:1450:400... 15169 (GOOGLE)
1 23.203.93.9 16625 (AKAMAI-AS)
2 34.252.9.88 16509 (AMAZON-02)
2 152.199.23.241 15133 (EDGECAST)
2 138.1.36.135 31898 (ORACLE-BM...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2 216.58.208.38 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f02... 32934 (FACEBOOK)
3 37.157.2.238 198622 (ADFORM)
1 2 37.252.173.22 29990 (ASN-APPNEX)
1 151.101.12.157 54113 (FASTLY)
1 13.225.73.112 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 34.253.43.81 16509 (AMAZON-02)
1 104.244.42.69 13414 (TWITTER)
2 35.186.226.184 15169 (GOOGLE)
2 2a03:2880:f12... 32934 (FACEBOOK)
1 35.181.91.36 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
1 104.17.208.240 13335 (CLOUDFLAR...)
1 104.244.42.131 13414 (TWITTER)
52 24
15    104.17.116.43 (United States)

ASN13335 (CLOUDFLARENET, US)
www.32red.com
css.32red.com
static.32red.com
2    217.10.139.203 (Camden, United Kingdom)

ASN6908 (DATAHOP Datahop - Six Degrees, GB)
PTR: services.postcodeanywhere.co.uk
services.postcodeanywhere.co.uk
3    2a00:1450:4001:821::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    23.203.93.9 (United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-93-9.deploy.static.akamaitechnologies.com
static.atgsvcs.com
2    34.252.9.88 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-9-88.eu-west-1.compute.amazonaws.com
c1.adalyser.com
2    152.199.23.241 (United States)

ASN15133 (EDGECAST, US)
tags.tiqcdn.com
2    138.1.36.135 (United States)

ASN31898 (ORACLE-BMC-31898, US)
rules.atgsvcs.com
3    2a00:1450:4001:821::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    216.58.208.38 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra15s12-in-f6.1e100.net
5807549.fls.doubleclick.net
1    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    37.252.173.22 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    13.225.73.112 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-112.fra2.r.cloudfront.net
sc-static.net
2    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    34.253.43.81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-253-43-81.eu-west-1.compute.amazonaws.com
dpm.demdex.net
unibet.demdex.net
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
2    35.186.226.184 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com
tr.snapchat.com
2    2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    35.181.91.36 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-91-36.eu-west-3.compute.amazonaws.com
unibetlondonltd.d3.sc.omtrdc.net
1    66.117.28.86 (United States)

ASN15224 (OMNITURE, US)
cm.everesttech.net
1    104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET, US)
zn5anr1yufr0fxp8n-32red.siteintercept.qualtrics.com
1    104.244.42.131 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
Domain Requested by
8 css.32red.com www.32red.com
5 static.32red.com www.32red.com
3 track.adform.net www.32red.com
track.adform.net
3 www.google-analytics.com 1 redirects www.googletagmanager.com
www.32red.com
3 www.googletagmanager.com www.32red.com
2 unibet.demdex.net tags.tiqcdn.com
2 www.facebook.com www.32red.com
2 tr.snapchat.com www.googletagmanager.com
2 dpm.demdex.net tags.tiqcdn.com
www.32red.com
2 stats.g.doubleclick.net www.32red.com
2 secure.adnxs.com 1 redirects www.32red.com
2 connect.facebook.net www.32red.com
connect.facebook.net
2 5807549.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 rules.atgsvcs.com static.atgsvcs.com
2 tags.tiqcdn.com www.32red.com
tags.tiqcdn.com
2 c1.adalyser.com www.32red.com
2 services.postcodeanywhere.co.uk www.32red.com
2 www.32red.com 1 redirects
1 analytics.twitter.com static.ads-twitter.com
1 zn5anr1yufr0fxp8n-32red.siteintercept.qualtrics.com www.32red.com
1 cm.everesttech.net 1 redirects
1 unibetlondonltd.d3.sc.omtrdc.net tags.tiqcdn.com
1 t.co www.32red.com
1 sc-static.net www.32red.com
1 static.ads-twitter.com www.32red.com
1 script.crazyegg.com www.googletagmanager.com
1 static.atgsvcs.com www.32red.com
52 27
Subject Issuer Validity Valid
*.32red.it
Trustwave Organization Validation SHA256 CA, Level 1		 2019-11-06 -
2021-09-22		 2 years crt.sh
*.postcodeanywhere.co.uk
Sectigo RSA Domain Validation Secure Server CA		 2020-02-11 -
2021-02-10		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
static.atgsvcs.com
DigiCert SHA2 Secure Server CA		 2019-04-24 -
2020-07-23		 a year crt.sh
*.adalyser.com
Thawte RSA CA 2018		 2019-06-04 -
2021-07-07		 2 years crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2017-10-25 -
2020-05-13		 3 years crt.sh
rules.atgsvcs.com
DigiCert SHA2 Secure Server CA		 2019-09-26 -
2020-09-25		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
ssl945600.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2020-01-28 -
2020-08-05		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2020-01-16 -
2020-04-15		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
sc-static.net
DigiCert SHA2 Secure Server CA		 2019-03-11 -
2021-03-15		 2 years crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2019-04-09 -
2020-04-01		 a year crt.sh
tr.snapchat.com
DigiCert SHA2 Secure Server CA		 2019-02-19 -
2021-02-23		 2 years crt.sh
*.d3.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2019-04-23 -
2020-04-14		 a year crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2018-10-08 -
2021-01-06		 2 years crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-04-09 -
2020-04-01		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.32red.com/
Frame ID: D551632EF9D854064590B8D136420434
Requests: 65 HTTP requests in this frame

Frame: https://5807549.fls.doubleclick.net/activityi;dc_pre=CNuTo6jd8-cCFfDFuwgd0QcPpw;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=977548225396;gtm=2wg2j0;auiddc=554544794.1582875116;~oref=https%3A%2F%2Fwww.32red.com%2F
Frame ID: C66C3DD9E2A0425EE27C3B39FD9DCD05
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=bb9962e6-5e9d-4d6a-8637-8acc776cef46
Frame ID: 1C522B8AFF1362E77E13E00012238CF0
Requests: 1 HTTP requests in this frame

Frame: https://tr.snapchat.com/p
Frame ID: 2A87A361CF1DDD0CE728F66BB8B650DF
Requests: 1 HTTP requests in this frame

Frame: https://unibet.demdex.net/dest5.html?d_nsid=0
Frame ID: C8294583F80AC0D84DE98CF721485973
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.32red.com/ HTTP 301
    https://www.32red.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

52
Requests

100 %
HTTPS

25 %
IPv6

22
Domains

27
Subdomains

24
IPs

8
Countries

1642 kB
Transfer

4669 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.32red.com/ HTTP 301
    https://www.32red.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40
  • https://5807549.fls.doubleclick.net/activityi;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=977548225396;gtm=2wg2j0;auiddc=554544794.1582875116;~oref=https%3A%2F%2Fwww.32red.com%2F HTTP 302
  • https://5807549.fls.doubleclick.net/activityi;dc_pre=CNuTo6jd8-cCFfDFuwgd0QcPpw;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=977548225396;gtm=2wg2j0;auiddc=554544794.1582875116;~oref=https%3A%2F%2Fwww.32red.com%2F
Request Chain 44
  • https://secure.adnxs.com/seg?add=14419840&t=1 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1
Request Chain 47
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=839149719&t=pageview&_s=1&dl=https%3A%2F%2Fwww.32red.com%2F&ul=en-us&de=UTF-8&dt=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=163776873&gjid=100217212&cid=1986256177.1582875116&tid=UA-128674441-1&_gid=266053432.1582875116&_r=1&gtm=2ou2j0&z=365063860 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128674441-1&cid=1986256177.1582875116&jid=163776873&_gid=266053432.1582875116&gjid=100217212&_v=j81&z=365063860
Request Chain 61
  • https://cm.everesttech.net/cm/dd?d_uuid=60128981470165266412765497432243347313 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XljB7AAAAu_vR1L0

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.32red.com/
Redirect Chain
  • http://www.32red.com/
  • https://www.32red.com/
190 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8102f0820d69a16d52d96c5653c03dcdf0fa73ed7b2aff419d35d91b2acf43d

Request headers

:method
GET
:authority
www.32red.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__cfduid=df6970d469932db701d69518d785409491582875114
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Fri, 28 Feb 2020 07:31:55 GMT
content-type
text/html; charset=UTF-8
set-cookie
CAKEPHP=0mij8fig21vvvbe9eigjv4k1f3; path=/; HttpOnly BTAG=DirectRequest; expires=Sun, 29-Mar-2020 07:31:54 GMT; Max-Age=2592000; path=/; domain=.32red.com loadedCategory=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ loadedCategory=home; path=/ locale=Q2FrZQ%3D%3D.N2U4ZTI1NTFmZGM3NmY3NDAxNTljN2I5ZTQ5YjhmMGY2MzZiZGIyNDNkNjI5MDg3YTkyOWJmMTYzZmQ5NzY0MXrsaoglD2w4Jygkr%2BKK5mUOYrYIJ3Nf8lcKvr9FFiyK; expires=Sat, 28-Mar-2020 07:31:54 GMT; Max-Age=2505599; path=/ Casino=%7B%22first%22%3A380%7D; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent,Cookie
access-control-allow-header
X-DEBUGKIT-ID
content-encoding
gzip
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56c0b399dcaac83f-AMS

Redirect headers

Date
Fri, 28 Feb 2020 07:31:54 GMT
Content-Length
0
Connection
keep-alive
Set-Cookie
__cfduid=df6970d469932db701d69518d785409491582875114; expires=Sun, 29-Mar-20 07:31:54 GMT; path=/; domain=.32red.com; HttpOnly; SameSite=Lax
Location
https://www.32red.com
CF-Cache-Status
DYNAMIC
Server
cloudflare
CF-RAY
56c0b39909cfc795-AMS
application.v1582818097.css
css.32red.com/css/ 		1 MB
353 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/css/application.v1582818097.css
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e16504eeb7436adaceb16f3144c09dd6f4a8009dc5d609b86813dcd07d145910

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Fri, 28 Feb 2020 07:31:55 GMT
content-encoding
gzip
cf-cache-status
HIT
age
56684
cf-polished
origSize=1295425
status
200
cf-bgj
minify
last-modified
Thu, 27 Feb 2020 15:44:07 GMT
server
cloudflare
etag
W/"62959-13c441-59f909767624b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
56c0b3a20f13c83f-AMS
expires
Sat, 28 Mar 2020 15:47:11 GMT
address-3.70.css
services.postcodeanywhere.co.uk/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://services.postcodeanywhere.co.uk/css/address-3.70.css
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.10.139.203 Camden, United Kingdom, ASN6908 (DATAHOP Datahop - Six Degrees, GB),
Reverse DNS
services.postcodeanywhere.co.uk
Software
nginx/1.15.7 /
Resource Hash
f04711ae3a5f84354911859ddbf7cd5d64abfc2fece6237f6a27627a37551e68

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

Date
Fri, 28 Feb 2020 07:31:55 GMT
Content-Encoding
gzip
Server
nginx/1.15.7
Content-Type
text/css;charset=UTF-8
Cache-Control
public
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
2170
address-3.70.js
services.postcodeanywhere.co.uk/js/ 		216 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.postcodeanywhere.co.uk/js/address-3.70.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.10.139.203 Camden, United Kingdom, ASN6908 (DATAHOP Datahop - Six Degrees, GB),
Reverse DNS
services.postcodeanywhere.co.uk
Software
nginx/1.15.7 /
Resource Hash
7ce0cd9b15f9688b8d5aeef9e8291c5608684693df215e8b5decb28e5abbe170

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 28 Feb 2020 07:31:55 GMT
Content-Encoding
gzip
Server
nginx/1.15.7
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
44243
logo.svg
static.32red.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.32red.com/img/logo.svg?1582875115
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54e2c42a9f9497b880f571462ea03949ad526e4b5d67e298369f2a775755758

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
content-encoding
gzip
cf-cache-status
MISS
last-modified
Tue, 21 Nov 2017 09:28:55 GMT
server
cloudflare
etag
W/"16070f-9d6-55e7ad4fc4f87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
cf-ray
56c0b3a21f2bc83f-AMS
expires
Sat, 27 Feb 2021 07:40:31 GMT
RND_Village_People_Macho_Moves-ttred.jpg
static.32red.com/img/homepage-header/large/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.32red.com/img/homepage-header/large/RND_Village_People_Macho_Moves-ttred.jpg
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fbc7c43625155d5551e373226041fbb5e9e344fb119f54d595fe56610dfaced

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 28 Feb 2020 07:31:55 GMT
cf-cache-status
HIT
age
682574
cf-polished
degrade=85, origSize=720936
status
200
cf-bgj
imgq:85
content-length
170277
last-modified
Tue, 26 Nov 2019 13:20:17 GMT
server
cloudflare
etag
"166508-b0028-5983fbdbce077"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
56c0b3a21f2dc83f-AMS
expires
Fri, 19 Feb 2021 10:04:17 GMT
hot_wheel.svg
static.32red.com/img/races/ 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.32red.com/img/races/hot_wheel.svg
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b88a0e0af9d7c7558abd8832198a957af7b6c614f25d33d7278665949b5e43

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 28 Feb 2020 07:31:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 28 Jan 2019 09:14:23 GMT
server
cloudflare
age
2488198
etag
W/"19e68f-378e-580811a4b540c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
cf-ray
56c0b3a2e8c5c83f-AMS
expires
Fri, 29 Jan 2021 12:30:33 GMT
loader.svg
static.32red.com/img/ 		1014 B
666 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.32red.com/img/loader.svg
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2eee525972c2b03779f3d1d8c8d97559d4de12d40f3aca2f6385cf0f5bed56d

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 28 Feb 2020 07:31:55 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2017 12:21:09 GMT
server
cloudflare
age
2488198
etag
W/"15fabb-3f6-55a0297f350f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
cf-ray
56c0b3a2e8c6c83f-AMS
expires
Fri, 29 Jan 2021 12:30:33 GMT
framework.v1582818095.js
css.32red.com/js/ 		943 KB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/js/framework.v1582818095.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f616790eef8b646a83c55e7d3adfa639d40adac0b1c21b6c785860898f433dd1

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:55 GMT
content-encoding
gzip
cf-cache-status
HIT
age
56684
cf-polished
origSize=965595
status
200
cf-bgj
minify
last-modified
Thu, 27 Feb 2020 15:42:59 GMT
server
cloudflare
etag
W/"1409f4-ebbdb-59f909354bf15"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
56c0b3a28816c83f-AMS
expires
Sat, 28 Mar 2020 15:47:11 GMT
application.v1582818096.js
css.32red.com/js/ 		394 KB
101 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/js/application.v1582818096.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbef3df9cd49ce3b24c406d063b2ac65b6ba0ba61bd8329d22efd68c195e21bc

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:55 GMT
content-encoding
gzip
cf-cache-status
HIT
age
56684
cf-polished
origSize=403090
status
200
cf-bgj
minify
last-modified
Thu, 27 Feb 2020 15:42:59 GMT
server
cloudflare
etag
W/"1409e3-62692-59f909354171d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
56c0b3a2e8c3c83f-AMS
expires
Sat, 28 Mar 2020 15:47:11 GMT
general-desktop-main.v1582818096.js
css.32red.com/js/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/js/general-desktop-main.v1582818096.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81ffb8cbc0c960eec0ca9412721ed43227c09c6a5924d4da187403b3bf86759b

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:55 GMT
content-encoding
gzip
cf-cache-status
HIT
age
56684
cf-polished
origSize=30367
status
200
cf-bgj
minify
last-modified
Thu, 27 Feb 2020 15:42:19 GMT
server
cloudflare
etag
W/"140a13-769f-59f9090f28a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
cf-ray
56c0b3a2e8c4c83f-AMS
expires
Sat, 28 Mar 2020 15:47:11 GMT
js
www.googletagmanager.com/gtag/ 		75 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128674441-1
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e085b43d5677389e646dfc1d862fb1f3cc812b59b58e08b81b9bd75a6285c31c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:55 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28625
x-xss-protection
0
last-modified
Fri, 28 Feb 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 28 Feb 2020 07:31:55 GMT
atgsvcs.js
static.atgsvcs.com/js/ 		73 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.atgsvcs.com/js/atgsvcs.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.203.93.9 , United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-203-93-9.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
1bf46fc67f5f3e054f5b33405c52949ee7158356544c3533c13a364a7ed764fd

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 28 Feb 2020 07:31:56 GMT
Content-Encoding
gzip
Last-Modified
Tue, 04 Feb 2020 05:51:29 GMT
Server
AkamaiNetStorage
ETag
"1e075d3d758199a9455ec4007284e808:1580795489.005511"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR NID CUR OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
29468
transparencySprite.png
static.32red.com/img/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.32red.com/img/transparencySprite.png
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81584e2bee9d7defdd17b5a4a089ec403cf86bac22c41411692c7017869bc14

Request headers

Referer
https://css.32red.com/css/application.v1582818097.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
cf-cache-status
HIT
age
2488071
cf-polished
pngoptimizer, origSize=63550
status
200
cf-bgj
imgq:85
content-length
63548
last-modified
Thu, 16 Nov 2017 13:07:21 GMT
server
cloudflare
etag
"15fbc9-f83e-55e194cf07a24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
56c0b3a2f8e1c83f-AMS
expires
Fri, 29 Jan 2021 12:32:41 GMT
2CD456_0_0.woff2
css.32red.com/fonts/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/fonts/2CD456_0_0.woff2
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f85d09fb46544e82ca327703c16c54c67e589d5032ed0359919c1d848abb67d5

Request headers

Referer
https://css.32red.com/css/application.v1582818097.css
Origin
https://www.32red.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
cf-cache-status
HIT
age
2488071
status
200
content-length
33110
last-modified
Tue, 28 Jan 2020 14:08:50 GMT
server
cloudflare
etag
"14016b-8156-59d33c35bba1b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
56c0b3a35e1cbf5f-AMS
expires
Fri, 29 Jan 2021 12:24:05 GMT
icomoon.ttf
css.32red.com/fonts/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/fonts/icomoon.ttf?9pgb6k
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f2bfdceb72c799c1d7253054493690d47bb650de2fd8fd3d7bb834299e93119

Request headers

Referer
https://css.32red.com/css/application.v1582818097.css
Origin
https://www.32red.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
cf-cache-status
HIT
age
332455
status
200
content-length
60188
last-modified
Mon, 24 Feb 2020 11:06:47 GMT
server
cloudflare
etag
"140887-eb1c-59f505e074fcc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
56c0b3a35e20bf5f-AMS
expires
Tue, 23 Feb 2021 11:11:01 GMT
2CD456_2_0.woff2
css.32red.com/fonts/ 		31 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/fonts/2CD456_2_0.woff2
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
193a2818e9e3e60e2c86fd3b829327b19843187fba3c7a6d1884c76d5630ff77

Request headers

Referer
https://css.32red.com/css/application.v1582818097.css
Origin
https://www.32red.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
cf-cache-status
HIT
age
2488071
status
200
content-length
32039
last-modified
Tue, 28 Jan 2020 14:08:50 GMT
server
cloudflare
etag
"140175-7d27-59d33c35c42d3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
56c0b3a35e22bf5f-AMS
expires
Fri, 29 Jan 2021 12:24:05 GMT
fontawesome-webfont.woff2
css.32red.com/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.116.43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://css.32red.com/css/application.v1582818097.css
Origin
https://www.32red.com
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
cf-cache-status
HIT
age
2488071
status
200
content-length
77160
last-modified
Tue, 28 Jan 2020 14:06:52 GMT
server
cloudflare
etag
"14088e-12d68-59d33bc604bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
56c0b3a35e24bf5f-AMS
expires
Fri, 29 Jan 2021 12:24:05 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ad91bc56e802c6fb8ad369737ac0a130e0a499d410a4c00edf0996aeb2e1280

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3908f39229b0d50edd744c9c3025cb55465f66a6c2c3c61fb15830a6ad1aa7f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7786d13cb705435a677eec510c699e4ad381dd936638815c19ef27b28eb8bb1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bef384855f383317b1fdc195dbca645cd11c71baef5140d457f2f6eafa84dd5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
595ccda4303e8b0ff3415aa12bd620eebe434c48a4c3ebaf825c544fcfe0614d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9677a9eb54e83b23c5d6b6938ac3b697ec9d025816d21da56c72f3bcf4735de6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c58581f14d33cd1d7c0a0c399ec373046cc4a10373ddceed6ef5d068ce2917aa

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e98bd1bfcea80893f7a6f36aea254fdab4a1982c7511cfa406dd79f51da7513

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fa92d7ef514a7e90a078083fd3bc01237736a88544a25a41c0ebb1f5d3dc9b6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a15b56b3ab11e5c2a9744c7e7965c5edc19881eb50dcb605d2a489d649d2f63

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0448b0f29df3226d9612bdf00fd4e1b8b54b40d166870edc13622f1f5fd8ab3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
220dfc78f32ca158058a7d27afeed3ea36816538baf391dbe6aae3af9f77fd6d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7392ff19107f054658ad2eaea2e7628f5a265cc7c09a94c5fdb19db6739c91b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c05a2b5ca4d672bc37d8abaa2f5f9958cc0484199c6fffd012615e328278822c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7d30d50c8bd1a098e213d2798fdbef78e34b752fd852beccc94229ab074a55d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80a5f94a201ad353f364deeb6bdc6c3454f85503b58d1e74055fe1f1a605abc2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3db39cbed2bf88aad2a271b3687da87409900affc0f4e738e5e7002a578eaecd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
gtm.js
www.googletagmanager.com/ 		133 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d788d388b78ab019b71c4f6cd63ed8e4333f58248dee7fb53ea12eac66568922
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
31528
x-xss-protection
0
last-modified
Fri, 28 Feb 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 28 Feb 2020 07:31:56 GMT
adalyser.js
c1.adalyser.com/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.adalyser.com/adalyser.js?cid=32red
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.9.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-9-88.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
8a8beec5e0c5d2e3d4071a8c532dd315c8a22e30fcdf570946a360e19809aace

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 28 Feb 2020 07:31:56 GMT
Content-Encoding
gzip
X-Powered-By
Express
ETag
"f4570ebd47039b340ce34d52b8dd9637eb70d91f"
P3P
CP="ADMa OUR IND DSP NON COR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Headers
origin, content-type, accept
Content-Length
12278
gtm.js
www.googletagmanager.com/ 		55 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TXF3B7K&l=dataLayerNew
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
03bff3d4c99e08c6f3089da93184ab208b87771bf7c2682b2d1272624f6d36f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
content-encoding
br
status
200
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
20911
x-xss-protection
0
last-modified
Fri, 28 Feb 2020 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 28 Feb 2020 07:31:56 GMT
utag.js
tags.tiqcdn.com/utag/kindred/32red/prod/ 		109 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B57) /
Resource Hash
49da67ad26dc00e3a438f00ddeb8b47563407b07911b98babf58278bd3aae09a

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
content-encoding
gzip
last-modified
Thu, 20 Feb 2020 11:15:39 GMT
server
ECAcc (ama/8B57)
age
72
etag
"2281685252"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
34478
expires
Fri, 28 Feb 2020 07:36:56 GMT
xd.js
rules.atgsvcs.com/EERules/xd/3.0/json/200106309199/ 		84 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.atgsvcs.com/EERules/xd/3.0/json/200106309199/xd.js
Requested by
Host: static.atgsvcs.com
URL: https://static.atgsvcs.com/js/atgsvcs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.1.36.135 , United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
7e56d1499254c269a72ed010fee0eb09e5b275b9bba65b7c8e517871ca9b27f2

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

Date
Fri, 28 Feb 2020 07:31:56 GMT
Last-Modified
Wed, 01 May 2013 00:00:00 GMT
Transfer-Encoding
chunked
P3P
CP="NON DSP COR CUR OUR LEG PHY COM",policyref="http://as00.estara.com/w3c/p3p.xml"
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
analytics.js
www.google-analytics.com/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128674441-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
5985
date
Fri, 28 Feb 2020 05:52:11 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
18174
expires
Fri, 28 Feb 2020 07:52:11 GMT
activityi;dc_pre=CNuTo6jd8-cCFfDFuwgd0QcPpw;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=977548225396;gtm=2wg2j0;auiddc=554544794.1582875116;~oref=https%3A%2F%2Fwww.32red.com%2F
5807549.fls.doubleclick.net/ Frame C66C
Redirect Chain
  • https://5807549.fls.doubleclick.net/activityi;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=977548225396;gtm=2wg2j0;auiddc=554544794.1582875116;~oref=https%3A%2F%2Fwww.32red.com%2F?
  • https://5807549.fls.doubleclick.net/activityi;dc_pre=CNuTo6jd8-cCFfDFuwgd0QcPpw;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=977548225396;gtm=2wg2j0;auiddc=554544794.1582875116;~oref=https%3A%2...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5807549.fls.doubleclick.net/activityi;dc_pre=CNuTo6jd8-cCFfDFuwgd0QcPpw;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=977548225396;gtm=2wg2j0;auiddc=554544794.1582875116;~oref=https%3A%2F%2Fwww.32red.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.208.38 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra15s12-in-f6.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5807549.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CNuTo6jd8-cCFfDFuwgd0QcPpw;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=977548225396;gtm=2wg2j0;auiddc=554544794.1582875116;~oref=https%3A%2F%2Fwww.32red.com%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.32red.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
about:blank

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 28 Feb 2020 07:31:56 GMT
expires
Fri, 28 Feb 2020 07:31:56 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
333
x-xss-protection
0
set-cookie
IDE=AHWqTUmnpa6u9ZertJLYJnxGlC8FLzA7Un_Zo3NP8uovlYmL0spJelMHBjDz5ecj; expires=Wed, 24-Mar-2021 07:31:56 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 28 Feb 2020 07:31:56 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5807549.fls.doubleclick.net/activityi;dc_pre=CNuTo6jd8-cCFfDFuwgd0QcPpw;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=977548225396;gtm=2wg2j0;auiddc=554544794.1582875116;~oref=https%3A%2F%2Fwww.32red.com%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 28-Feb-2020 07:46:56 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1462.js
script.crazyegg.com/pages/scripts/0053/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0053/1462.js?439687
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
cf-cache-status
HIT
last-modified
Mon, 24 Feb 2020 20:54:37 GMT
server
cloudflare
age
297439
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
410
cache-control
max-age=86400
cf-ray
56c0b3a4c83a96aa-FRA
content-length
0
fbevents.js
connect.facebook.net/en_US/ 		126 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
content-length
30466
x-xss-protection
0
pragma
public
x-fb-debug
+oL5tAkNaGW02xoevVqb94FVmlmoUE0jdBWH9QmBYX7ysO9cFssLkwBTW1ZuTX/ZTxmMUZSyBsqciWrptiwoZQ==
x-fb-trip-id
2047048586
date
Fri, 28 Feb 2020 07:31:56 GMT, Fri, 28 Feb 2020 07:31:56 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
track.adform.net/serving/scripts/trackpoint/async/ 		76 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/scripts/trackpoint/async/
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
public, max-age=604800
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
30712
expires
Fri, 06 Mar 2020 07:31:56 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=14419840&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1
0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEX, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 28 Feb 2020 07:31:58 GMT
AN-X-Request-Uuid
baee93d5-6643-47bc-862f-553318fc5587
Content-Type
application/javascript; charset=utf-8
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.109:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 28 Feb 2020 07:31:58 GMT
AN-X-Request-Uuid
1cde288e-57da-4cbe-9147-f7d3537d5cb3
Content-Type
text/html; charset=utf-8
Server
nginx/1.13.4
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
82.102.19.132; 82.102.19.132; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.42:80
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
content-encoding
gzip
age
83857
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-fra19127-FRA
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1582875116.266120,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
scevent.min.js
sc-static.net/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.225.73.112 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-73-112.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e93047ab88ddf3a33047a506b4a7594914e84fcf5ebac4b2723739e728e284b5

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Thu, 27 Feb 2020 22:58:35 GMT
content-encoding
gzip
last-modified
Tue, 25 Feb 2020 22:48:01 GMT
server
AmazonS3
age
30801
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
status
200
cache-control
public, s-maxage=86400, max-age=600
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Dr_B5-rTU_e4zBnVPaQMMpAw-mN8UpSvqd-dZl6IeCp_0G9yaRBh0w==
via
1.1 286eb4b50e0acf373dd03645aee00b7f.cloudfront.net (CloudFront)
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j81&a=839149719&t=pageview&_s=1&dl=https%3A%2F%2Fwww.32red.com%2F&ul=en-us&de=UTF-8&dt=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128674441-1&cid=1986256177.1582875116&jid=163776873&_gid=266053432.1582875116&gjid=100217212&_v=j81&z=365063860
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128674441-1&cid=1986256177.1582875116&jid=163776873&_gid=266053432.1582875116&gjid=100217212&_v=j81&z=365063860
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Fri, 28 Feb 2020 07:31:56 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 28 Feb 2020 07:31:56 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128674441-1&cid=1986256177.1582875116&jid=163776873&_gid=266053432.1582875116&gjid=100217212&_v=j81&z=365063860
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j81&a=839149719&t=pageview&_s=1&dl=https%3A%2F%2Fwww.32red.com%2F&ul=en-us&de=UTF-8&dt=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDAgUAB~&jid=2094125793&gjid=1205494141&cid=1986256177.1582875116&tid=UA-69848558-1&_gid=266053432.1582875116&gtm=2wg2j0TH6RPB&z=922452544
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
date
Tue, 04 Feb 2020 17:57:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
2036069
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j81&tid=UA-69848558-1&cid=1986256177.1582875116&jid=2094125793&gjid=1205494141&_gid=266053432.1582875116&_u=YGDAgUAB~&z=1799680672
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Fri, 28 Feb 2020 07:31:56 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
123 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=kindred/32red/202002201115&cb=1582875116259
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/8B33) /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
last-modified
Thu, 14 Apr 2016 16:59:33 GMT
server
ECAcc (ama/8B33)
age
33192
etag
"2243872957"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 28 Feb 2020 07:41:56 GMT
id
dpm.demdex.net/ 		737 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1582875116265
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.43.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6b1e8e19aabd51c8a6d4fc10fd91db0391c1a8c570bdc54a129e035dde938487
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.32red.com/
Origin
https://www.32red.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v062-0b1491909.edge-irl1.demdex.com 5.65.0.20200212140016 3ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
SVn1T16bRJM=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.32red.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
472
Expires
Thu, 01 Jan 1970 00:00:00 GMT
278155385876307
connect.facebook.net/signals/config/ 		447 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/278155385876307?v=2.9.15&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0f128a673b516ea8347410070bfdd3db7e3ee9550d0ca9b562e1fcdbeac7149f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-24=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
YALMmzsG/QfwkJ5M1Tb2WP57a4CYZobMuOyKz1K1lI/644PcmWttW227SvtZoQkNra2VVBIfyqyGdOuP4dlIBw==
x-fb-trip-id
2047048586
date
Fri, 28 Feb 2020 07:31:56 GMT, Fri, 28 Feb 2020 07:31:56 GMT
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
adsct
t.co/i/ 		43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nz06m&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=0
content-length
65
x-xss-protection
0
x-response-time
117
pragma
no-cache
last-modified
Fri, 28 Feb 2020 07:31:56 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
5466e51046321c6b0dd898540e152d59
x-transaction
00487e5000bc295f
expires
Tue, 31 Mar 1981 05:00:00 GMT
p
c1.adalyser.com/tracking/track/v4/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adalyser.com/tracking/track/v4/p?e=lce1&stm=1582875116317&url=https%3A%2F%2Fwww.32red.com%2F&cid=32red&domain=www.32red.com&p=%7B%22a1%22%3A%22Session%22%2C%22et%22%3A1582875116315%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Direct%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22direct%22%2C%22me%22%3A%22none%22%2C%22ca%22%3A%22direct%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A%221%22%2C%22sid%22%3A%22741a9a8f-3fc2-4142-aa84-c048be75b3c8%22%2C%22udid%22%3A%229abb8006-cf76-4037-9018-c88b2a29165a%22%2C%22cw%22%3A1582875116315%7D&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.9.88 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-252-9-88.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

Pragma
no-cache
Date
Fri, 28 Feb 2020 07:31:56 GMT
X-Powered-By
Express
ETag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
P3P
CP="ADMa OUR IND DSP NON COR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
content-type
image/gif
Access-Control-Allow-Headers
origin, content-type, accept
Content-Length
43
Expires
0
i
tr.snapchat.com/cm/ Frame 1C52 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/cm/i?pid=bb9962e6-5e9d-4d6a-8637-8acc776cef46
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
tr.snapchat.com
:scheme
https
:path
/cm/i?pid=bb9962e6-5e9d-4d6a-8637-8acc776cef46
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.32red.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.32red.com/

Response headers

status
200
server
nginx/1.17.3
date
Fri, 28 Feb 2020 07:31:56 GMT
content-type
text/html
content-length
0
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
p
tr.snapchat.com/ Frame 2A87 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.snapchat.com/p
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.186.226.184 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
184.226.186.35.bc.googleusercontent.com
Software
nginx/1.17.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
tr.snapchat.com
:scheme
https
:path
/p
content-length
288
pragma
no-cache
cache-control
no-cache
origin
https://www.32red.com
upgrade-insecure-requests
1
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-dest
iframe
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://www.32red.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Origin
https://www.32red.com
Upgrade-Insecure-Requests
1
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.32red.com/

Response headers

status
200
server
nginx/1.17.3
date
Fri, 28 Feb 2020 07:31:56 GMT
content-type
text/html
content-length
0
access-control-allow-origin
*
cache-control
no-cache, no-transform
set-cookie
sc_at=v2|H4sIAAAAAAAAAAXBiQ0AIQgEwIpIWJ7TLQcjVwXFO+P2l9EhgSiJjiVMqNB4D71Pa80gt+2VwDf6ACYMUzkyAAAA;SameSite=None;Version=1;Comment=;Domain=.snapchat.com;Path=/;Max-Age=33696000;Secure
strict-transport-security
max-age=31536000; includeSubDomains
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
/
www.facebook.com/tr/ 		44 B
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=278155385876307&ev=PageViewGTM&dl=https%3A%2F%2Fwww.32red.com%2F&rl=&if=false&ts=1582875116361&sw=1600&sh=1200&v=2.9.15&r=stable&ec=0&o=30&fbp=fb.1.1582875116361.1050096073&it=1582875116273&coo=false&rqm=GET
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT, Fri, 28 Feb 2020 07:31:56 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Fri, 28 Feb 2020 07:31:56 GMT
/
track.adform.net/Serving/TrackPoint/ 		18 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=1365854&ADFPageName=32Red%20Casino%20Homepage%20View&ADFdivider=%7C&ord=370587243255&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.32red.com%2F
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
2dd12ffcc12d94caee754bec78453eaecd1236ea2663de1f8897eba6a986b5a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Fri, 28 Feb 2020 07:31:56 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
8809
expires
-1
Cookie set dest5.html
unibet.demdex.net/ Frame C829 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://unibet.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.43.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
unibet.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Referer
https://www.32red.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=60128981470165266412765497432243347313
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
iframe
Referer
https://www.32red.com/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Fri, 21 Feb 2020 15:20:54 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=60128981470165266412765497432243347313;Path=/;Domain=.demdex.net;Expires=Wed, 26-Aug-2020 07:31:56 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
AUaNpZDjQBA=
Content-Length
2785
Connection
keep-alive
id
unibetlondonltd.d3.sc.omtrdc.net/ 		2 B
317 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=60159195613603570342769652976706249450&ts=1582875116431
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.181.91.36 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-181-91-36.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.32red.com/
Origin
https://www.32red.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Fri, 28 Feb 2020 07:31:56 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-5bb688c676-cjlmb
vary
Origin
x-c
master-1169.Ie4359b.M0-349
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.32red.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=XljB7AAAAu_vR1L0
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=60128981470165266412765497432243347313
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XljB7AAAAu_vR1L0
42 B
915 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XljB7AAAAu_vR1L0
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.43.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v062-0db88263e.edge-irl1.demdex.com 5.65.0.20200212140016 1ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-Content-Type-Options
nosniff
X-TID
kYc8EpiVShI=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Fri, 28 Feb 2020 07:31:56 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XljB7AAAAu_vR1L0
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
/
track.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... 		126 B
706 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/wpf/v2/Vla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBAhqvnu5yIguaDeyjaY2ftckuyPBDjaY2.rIN87gq1aueuma9J.FxQ_i.uJtHoqvynx9MsFyxYM914Ve_clr95y.25.ea469ub9WK2izezHKyN6l7pp0iJ3A0KFgBFY5BNlrJcNlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4.90PgJ.c4elF1rfs.5zi/serving/trackpoint/?pm=1365854&ADFPageName=32Red+Casino+Homepage+View&ADFdivider=%7c&ord=370587243255&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fwww.32red.com%2f&catdt=0
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.238 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
51ae47bf11a24cfcb4b628f5b4dad5bb244fbc512d5f87809564260c8489cd10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

pragma
no-cache
date
Fri, 28 Feb 2020 07:31:56 GMT
content-encoding
gzip
server
nginx
access-control-allow-origin
*
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
status
200
cache-control
no-cache, no-store, must-revalidate, no-transform
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript; charset=utf-8
content-length
199
expires
-1
event
unibet.demdex.net/ 		129 B
935 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://unibet.demdex.net/event
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.253.43.81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-253-43-81.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
eb394f4599914bd28e75fe4c924a22930e53e29fd6cc1231e399e5612513b23e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.32red.com/
Origin
https://www.32red.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v062-022e8afa8.edge-irl1.demdex.com 5.65.0.20200212140016 5ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
ecFZHVGeQV8=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.32red.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
129
Expires
Thu, 01 Jan 1970 00:00:00 GMT
1088SeXEwfvRbBDipszsi4QGxHy2RxBSavFCLFK7-xL3wtoFD25
rules.atgsvcs.com/EERules/view/rules/3.0/json/200106309199/ 		366 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rules.atgsvcs.com/EERules/view/rules/3.0/json/200106309199/1088SeXEwfvRbBDipszsi4QGxHy2RxBSavFCLFK7-xL3wtoFD25
Requested by
Host: static.atgsvcs.com
URL: https://static.atgsvcs.com/js/atgsvcs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
138.1.36.135 , United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software
/
Resource Hash
b1e6449865f28d515797664a09fce59dcfc2384eb04f3d37012cf4f4234303e6

Request headers

Referer
https://www.32red.com/
Origin
https://www.32red.com
Sec-Fetch-Dest
empty
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.32red.com
Date
Fri, 28 Feb 2020 07:31:56 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Transfer-Encoding
chunked
P3P
CP="NON DSP COR CUR OUR LEG PHY COM",policyref="http://as00.estara.com/w3c/p3p.xml"
/
zn5anr1yufr0fxp8n-32red.siteintercept.qualtrics.com/SIE/ 		73 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn5anr1yufr0fxp8n-32red.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5aNR1yUfR0fxP8N&Q_LOC=https%3A%2F%2Fwww.32red.com%2F&t=1582875116657
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
b852d39d4e1dded54966a7ffe9b9d278163a0f0231e7be931d841066efdb0ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
17375
cf-polished
origSize=76353
status
200
edge-control
max-age=604800
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"12a41-ACZF3udb9CA83ZxRMq4rv7YOE4Y"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=604800
cf-ray
56c0b3a78a06731d-AMS
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
adsct
analytics.twitter.com/i/ 		31 B
651 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nz06m&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.32red.com%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.131 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Fri, 28 Feb 2020 07:31:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
57
x-xss-protection
0
x-response-time
120
pragma
no-cache
last-modified
Fri, 28 Feb 2020 07:31:56 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=631138519
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
b7befc79c721a94d92ac59b5153b55a2
x-transaction
000b8c36001ffc1d
expires
Tue, 31 Mar 1981 05:00:00 GMT
/
www.facebook.com/tr/ 		44 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=278155385876307&ev=Microdata&dl=https%3A%2F%2Fwww.32red.com%2F&rl=&if=false&ts=1582875117865&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now%22%2C%22meta%3Adescription%22%3A%22Instant%20Payouts.%20Regular%20Free%20Spin%20Offers%20at%2032Red%20Online%20Casino.%20Sign%20up%20to%2032Red.com%20for%20the%20best%20bonuses%2C%20frequent%20special%20offers%20and%20one%20of%20the%20largest%20selections%20of%20casino%20games.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.15&r=stable&ec=1&o=30&fbp=fb.1.1582875116361.1050096073&it=1582875116273&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Fri, 28 Feb 2020 07:31:57 GMT, Fri, 28 Feb 2020 07:31:57 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-24=":443"; ma=3600
content-length
44
expires
Fri, 28 Feb 2020 07:31:57 GMT

Verdicts & Comments Add Verdict or Comment

267 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| pca function| attachEvent object| Red object| Currencies object| swiftResume object| Util undefined| PTRMF function| $ function| jQuery function| _ object| Backbone object| Marionette object| picturefillCFG function| picturefill boolean| RESPONSIVE_AUTOSIZE boolean| RESPONSIVE_CAROUSEL boolean| RESPONSIVE_CONDITIONAL boolean| RESPONSIVE_DISMISS boolean| RESPONSIVE_DROPDOWN boolean| RESPONSIVE_MODAL boolean| RESPONSIVE_NAVIGATION boolean| RESPONSIVE_TABLE boolean| RESPONSIVE_TABS function| Hammer function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| moment object| noUiSlider function| wNumb function| HowlerGlobal object| Howler function| Howl function| Sound object| App function| AppController object| countriesAndState undefined| ResponsivePopoverView undefined| ResetPasswordConfirmationView undefined| CountDownTimerViewIntervalCount undefined| CountDownTimerViewIdCount undefined| CountDownTimerView undefined| ResponsiveModalModel undefined| ResponsiveModalView undefined| PreloaderView undefined| LoginModel undefined| LoginView undefined| LoginStatusView undefined| PostRegisterPromoModel undefined| createRegistrationModel undefined| ProfitBoostModel undefined| currencyCountries undefined| RegistrationView undefined| RegistrationConfirmView undefined| RegistrationPostSportRegView undefined| RegistrationPostSportRegViewNonUK undefined| createAccountModel undefined| myAccountView undefined| GameCategoryModel undefined| GameCategoryCollection undefined| GameModel undefined| GameModelCollection undefined| RTPGameModel undefined| RTPGameCollection undefined| GameMenuItemView undefined| GameMenuView undefined| GameTemplate undefined| GamesCategorySection undefined| GamesCategorySectionCollection undefined| GamesDirectoryCategory undefined| LatestGamesView undefined| FreeGamesView undefined| FreeSpinsHeader undefined| GamesDirectory undefined| responsivePopover undefined| GameplayAreaView undefined| GamePlayerViewLive undefined| GamePlayerView undefined| GiveAwayGamesModel undefined| GiveAwayGamesCollection undefined| GiveAwayGameChildView undefined| GiveAwayGamesCollectionView undefined| ReasonsView undefined| SportsPromoSliderView undefined| SideGamesView undefined| SideGameModel undefined| SideGamesModelCollection undefined| LaunchBankingDesktop function| closeBanking function| closeGameplayerBanking undefined| LaunchTransactionHistory undefined| LaunchPlaycheck undefined| LeaderboardItemView undefined| LeaderboardCompositeView undefined| LeaderboardModel undefined| LeaderboardCollection undefined| RaceItemView undefined| RacesView undefined| CurrencyView undefined| RaceModel undefined| RaceCollection undefined| RaceOverlayView undefined| OngoingRaceView undefined| RaceLeaderboardModel undefined| RaceLeaderboardCollection undefined| RaceLeaderboardItemView undefined| RaceLeaderboardView undefined| RaceStatusView undefined| SportsbookOverlayView undefined| SportsbookOverlayModel undefined| SportsBookNewAccountOverlayView undefined| SportsbookNewAccountOverlayModel undefined| NotificationModel undefined| NotificationModelCollection undefined| NotificationItemView undefined| NotificationsView undefined| PromoCategoryModel undefined| PromoCategoryCollection undefined| PromoModel undefined| PromoModelCollection undefined| PromoPopupPaneView undefined| PromoPopupView undefined| PromoPopupViewNDB undefined| PromoPopupViewNDB_Card undefined| PromoPopupViewBingoNDB undefined| PromotionModel undefined| LoyaltyBoxModel undefined| LoyaltyBoxView undefined| PeekabooModel undefined| PeekabooView undefined| InGameModel undefined| InGameView undefined| InterruptivePopupModel undefined| InterruptivePopupView undefined| AchievementsPromoItem undefined| AchievementsPromoCollection undefined| AchievementsPromoViewItem undefined| AchievementsPromoView undefined| BoostWinsModel undefined| BoostWinsView undefined| GameTemplateViper undefined| LatestGamesViperView undefined| HomepageSlidePromoModel undefined| HomepageSlidePromoCollection undefined| HomepageSlideshowPromotion undefined| slideNumber undefined| HomepageSlideshowImage undefined| HomepageSlideshowImageCollectionView undefined| GeneralLoaderView undefined| PlayerActivityView undefined| SessionReminderView undefined| ExitBannerModel undefined| ExitBannerView undefined| ChristmasMarketModel undefined| ChristmasMarketView undefined| SubscriptionCentreViewItem undefined| SubscriptionCentreModel undefined| DepositLimitViewItem undefined| DepositLimitModel undefined| DocumentVerificationViewItem undefined| DocumentVerificationModel undefined| BalanceModel undefined| BalanceView undefined| UpcomingBingoGamesModel undefined| UpcomingBingoGamesCollection undefined| UpcomingBingoGamesItemView undefined| UpcomingBingoGamesView undefined| UpcomingBingoScheduleItemView undefined| UpcomingBingoGamesScheduleView undefined| UpcomingBingoInGameItemView undefined| UpcomingBingoGamesInGameView undefined| BingoRoomsModel undefined| BingoRoomsCollection undefined| BingoRoomModel undefined| BingoRoomsItemView undefined| BingoRoomView undefined| BingoGameplayAreaView undefined| GameModelBingo undefined| BingoGamePlayerView undefined| BingoAliasModel undefined| BingoAliasView undefined| RegistrationConfirmViewBingo function| attachOnce function| launchDocumentVerification function| launchAddressVerification function| redirectBanking function| launchBanking function| launchTransactionHistory function| launchSwift function| setupSearch object| dataLayer undefined| id4ga undefined| tier function| getAppsflyerEvents function| updateDataLayer function| updateAppEvents function| gtag object| GlobalAdalyserNamespace function| adalyserTracker object| dataLayerNew function| fbpixel object| ft_onetag_4626 object| google_tag_manager object| _ATGSvcs object| ATGSvcs object| CleverSet undefined| userFirstName undefined| userLastName undefined| userEmail string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _adftrack function| twq function| snaptr object| r object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| utag_condload object| utag object| utag_cfg_ovrd object| functions function| Visitor object| s_c_il number| s_c_in number| c string| domainName object| twttr function| adalyserModules function| trackerCore function| rng object| _rnds8 undefined| _rnds function| parse function| unparse function| v1 function| v4 object| _byteToHex object| _hexToByte object| _seedBytes object| _nodeId number| _clockseq number| _lastMSecs number| _lastNSecs function| uuid function| cookie string| queueName function| queue function| sha1 function| api object| mutState object| AdalyserTracker object| Adform object| KJUR object| adf object| fortyone undefined| eStara_fsguid object| QSI

30 Cookies

Domain/Path Name / Value
.demdex.net/ Name: demdex
Value: 60128981470165266412765497432243347313
.doubleclick.net/ Name: IDE
Value: AHWqTUmnpa6u9ZertJLYJnxGlC8FLzA7Un_Zo3NP8uovlYmL0spJelMHBjDz5ecj
.32red.com/ Name: aam-uuid
Value: 60128981470165266412765497432243347313
.32red.com/ Name: s_nr
Value: 1582875116452-New
.32red.com/ Name: _dc_gtm_UA-69848558-1
Value: 1
.32red.com/ Name: __adal_cw
Value: 1582875116315
.32red.com/ Name: AMCVS_F431E3BC5593E3887F000101%40AdobeOrg
Value: 1
.32red.com/ Name: _scid
Value: 52662f0d-441d-4573-80e5-6d266d90ac68
.32red.com/ Name: aamoptsegs
Value:
.32red.com/ Name: __adal_ca
Value: so%3Ddirect%26me%3Dnone%26ca%3Ddirect%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29
.32red.com/ Name: __adal_id
Value: 9abb8006-cf76-4037-9018-c88b2a29165a.1582875116.1.1582875116.1582875116.741a9a8f-3fc2-4142-aa84-c048be75b3c8
.32red.com/ Name: _gid
Value: GA1.2.266053432.1582875116
www.32red.com/ Name: CAKEPHP
Value: 0mij8fig21vvvbe9eigjv4k1f3
.snapchat.com/ Name: sc_at
Value: v2|H4sIAAAAAAAAAAXBiQ0AIQgEwIpIWJ7TLQcjVwXFO+P2l9EhgSiJjiVMqNB4D71Pa80gt+2VwDf6ACYMUzkyAAAA
.32red.com/ Name: _gat_gtag_UA_128674441_1
Value: 1
www.32red.com/ Name: loadedCategory
Value: home
.32red.com/ Name: AMCV_F431E3BC5593E3887F000101%40AdobeOrg
Value: -330454231%7CMCIDTS%7C18321%7CMCMID%7C60159195613603570342769652976706249450%7CMCAAMLH-1583479916%7C6%7CMCAAMB-1583479916%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1582882316s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18328%7CvVersion%7C3.1.2
.32red.com/ Name: _fbp
Value: fb.1.1582875116361.1050096073
.32red.com/ Name: __adal_ses
Value: *
.32red.com/ Name: _ga
Value: GA1.2.1986256177.1582875116
.32red.com/ Name: atgRecVisitorId
Value: 1088SeXEwfvRbBDipszsi4QGxHy2RxBSavFCLFK7-xL3wtoFD25
www.32red.com/ Name: locale
Value: Q2FrZQ%3D%3D.N2U4ZTI1NTFmZGM3NmY3NDAxNTljN2I5ZTQ5YjhmMGY2MzZiZGIyNDNkNjI5MDg3YTkyOWJmMTYzZmQ5NzY0MXrsaoglD2w4Jygkr%2BKK5mUOYrYIJ3Nf8lcKvr9FFiyK
.32red.com/ Name: _gcl_au
Value: 1.1.554544794.1582875116
.32red.com/ Name: BTAG
Value: DirectRequest
.demdex.net/ Name: dextp
Value: 358-1-1582875116644
www.32red.com/ Name: surveyLogin
Value: false
.32red.com/ Name: utag_main
Value: v_id:01708ab582e000ac87651506b12000079001607100b08$_sn:1$_se:2$_ss:0$_st:1582876916451$ses_id:1582875116256%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:32red.com$adobe_mcid:60159195613603570342769652976706249450%3Bexp-session$aa_vid:%3Bexp-session
.32red.com/ Name: xdVisitorId
Value: 1088SeXEwfvRbBDipszsi4QGxHy2RxBSavFCLFK7-xL3wtoFD25
www.32red.com/ Name: Casino
Value: %7B%22first%22%3A380%7D
.32red.com/ Name: __cfduid
Value: df6970d469932db701d69518d785409491582875114

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - You are sending a non-standard event 'PageViewGTM'. The preferred way to send these events is using trackCustom. See 'https://developers.facebook.com/docs/ads-for-websites/pixel-events/#events' for more information.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5807549.fls.doubleclick.net
analytics.twitter.com
c1.adalyser.com
cm.everesttech.net
connect.facebook.net
css.32red.com
dpm.demdex.net
rules.atgsvcs.com
sc-static.net
script.crazyegg.com
secure.adnxs.com
services.postcodeanywhere.co.uk
static.32red.com
static.ads-twitter.com
static.atgsvcs.com
stats.g.doubleclick.net
t.co
tags.tiqcdn.com
tr.snapchat.com
track.adform.net
unibet.demdex.net
unibetlondonltd.d3.sc.omtrdc.net
www.32red.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
zn5anr1yufr0fxp8n-32red.siteintercept.qualtrics.com
104.17.116.43
104.17.208.240
104.244.42.131
104.244.42.69
13.225.73.112
138.1.36.135
151.101.12.157
152.199.23.241
216.58.208.38
217.10.139.203
23.203.93.9
2606:4700::6813:9408
2a00:1450:4001:821::2008
2a00:1450:4001:821::200e
2a00:1450:400c:c00::9b
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
34.252.9.88
34.253.43.81
35.181.91.36
35.186.226.184
37.157.2.238
37.252.173.22
66.117.28.86
03bff3d4c99e08c6f3089da93184ab208b87771bf7c2682b2d1272624f6d36f2
0f128a673b516ea8347410070bfdd3db7e3ee9550d0ca9b562e1fcdbeac7149f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
193a2818e9e3e60e2c86fd3b829327b19843187fba3c7a6d1884c76d5630ff77
1bf46fc67f5f3e054f5b33405c52949ee7158356544c3533c13a364a7ed764fd
220dfc78f32ca158058a7d27afeed3ea36816538baf391dbe6aae3af9f77fd6d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2dd12ffcc12d94caee754bec78453eaecd1236ea2663de1f8897eba6a986b5a1
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
3908f39229b0d50edd744c9c3025cb55465f66a6c2c3c61fb15830a6ad1aa7f2
3ad91bc56e802c6fb8ad369737ac0a130e0a499d410a4c00edf0996aeb2e1280
3db39cbed2bf88aad2a271b3687da87409900affc0f4e738e5e7002a578eaecd
3e98bd1bfcea80893f7a6f36aea254fdab4a1982c7511cfa406dd79f51da7513
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49da67ad26dc00e3a438f00ddeb8b47563407b07911b98babf58278bd3aae09a
51ae47bf11a24cfcb4b628f5b4dad5bb244fbc512d5f87809564260c8489cd10
595ccda4303e8b0ff3415aa12bd620eebe434c48a4c3ebaf825c544fcfe0614d
5a91c6d3e635c0bd1551a53cf0769328132151a7732039170280d500dbcb4685
5fa92d7ef514a7e90a078083fd3bc01237736a88544a25a41c0ebb1f5d3dc9b6
6a15b56b3ab11e5c2a9744c7e7965c5edc19881eb50dcb605d2a489d649d2f63
6b1e8e19aabd51c8a6d4fc10fd91db0391c1a8c570bdc54a129e035dde938487
6f2bfdceb72c799c1d7253054493690d47bb650de2fd8fd3d7bb834299e93119
7ce0cd9b15f9688b8d5aeef9e8291c5608684693df215e8b5decb28e5abbe170
7e56d1499254c269a72ed010fee0eb09e5b275b9bba65b7c8e517871ca9b27f2
7fbc7c43625155d5551e373226041fbb5e9e344fb119f54d595fe56610dfaced
80a5f94a201ad353f364deeb6bdc6c3454f85503b58d1e74055fe1f1a605abc2
81ffb8cbc0c960eec0ca9412721ed43227c09c6a5924d4da187403b3bf86759b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a8beec5e0c5d2e3d4071a8c532dd315c8a22e30fcdf570946a360e19809aace
9677a9eb54e83b23c5d6b6938ac3b697ec9d025816d21da56c72f3bcf4735de6
9bef384855f383317b1fdc195dbca645cd11c71baef5140d457f2f6eafa84dd5
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a54e2c42a9f9497b880f571462ea03949ad526e4b5d67e298369f2a775755758
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265
a7392ff19107f054658ad2eaea2e7628f5a265cc7c09a94c5fdb19db6739c91b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b1e6449865f28d515797664a09fce59dcfc2384eb04f3d37012cf4f4234303e6
b852d39d4e1dded54966a7ffe9b9d278163a0f0231e7be931d841066efdb0ca6
c05a2b5ca4d672bc37d8abaa2f5f9958cc0484199c6fffd012615e328278822c
c2eee525972c2b03779f3d1d8c8d97559d4de12d40f3aca2f6385cf0f5bed56d
c58581f14d33cd1d7c0a0c399ec373046cc4a10373ddceed6ef5d068ce2917aa
d0448b0f29df3226d9612bdf00fd4e1b8b54b40d166870edc13622f1f5fd8ab3
d788d388b78ab019b71c4f6cd63ed8e4333f58248dee7fb53ea12eac66568922
dbef3df9cd49ce3b24c406d063b2ac65b6ba0ba61bd8329d22efd68c195e21bc
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e085b43d5677389e646dfc1d862fb1f3cc812b59b58e08b81b9bd75a6285c31c
e16504eeb7436adaceb16f3144c09dd6f4a8009dc5d609b86813dcd07d145910
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7786d13cb705435a677eec510c699e4ad381dd936638815c19ef27b28eb8bb1
e81584e2bee9d7defdd17b5a4a089ec403cf86bac22c41411692c7017869bc14
e93047ab88ddf3a33047a506b4a7594914e84fcf5ebac4b2723739e728e284b5
eaf1b128b927ac2868755cb7366d35554255c8af362235afe270f9614f8c806d
eb394f4599914bd28e75fe4c924a22930e53e29fd6cc1231e399e5612513b23e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04711ae3a5f84354911859ddbf7cd5d64abfc2fece6237f6a27627a37551e68
f4b88a0e0af9d7c7558abd8832198a957af7b6c614f25d33d7278665949b5e43
f616790eef8b646a83c55e7d3adfa639d40adac0b1c21b6c785860898f433dd1
f7d30d50c8bd1a098e213d2798fdbef78e34b752fd852beccc94229ab074a55d
f8102f0820d69a16d52d96c5653c03dcdf0fa73ed7b2aff419d35d91b2acf43d
f85d09fb46544e82ca327703c16c54c67e589d5032ed0359919c1d848abb67d5