urlscan.io logo urlscan.io
SecurityTrails logo

www.32red.com Open in urlscan Pro
104.16.111.33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://32red.com/
Effective URL: https://www.32red.com/
Submission: On October 25 via manual from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 23 IPs in 8 countries across 20 domains to perform 52 HTTP transactions. The main IP is 104.16.111.33, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.32red.com.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on December 4th 2017. Valid for: 2 years.
This is the only time www.32red.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 16 104.16.111.33 13335 (CLOUDFLAR...)
2 217.10.139.203 6908 (DATAHOP D...)
5 2a00:1450:400... 15169 (GOOGLE)
1 184.31.82.148 20940 (AKAMAI-ASN1)
2 52.212.164.25 16509 (AMAZON-02)
2 152.199.23.241 15133 (EDGECAST)
2 147.154.106.232 31898 (ORACLE-BM...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2 172.217.23.166 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
2 2a03:2880:f01... 32934 (FACEBOOK)
3 37.157.4.41 198622 (ADFORM)
1 2 37.252.173.38 29990 (ASN-APPNEXUS)
1 151.101.112.157 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 104.244.42.197 13414 (TWITTER)
2 2a03:2880:f11... 32934 (FACEBOOK)
2 63.35.240.22 16509 (AMAZON-02)
1 104.17.208.240 13335 (CLOUDFLAR...)
1 104.244.42.67 13414 (TWITTER)
2 34.241.149.220 16509 (AMAZON-02)
1 52.31.190.58 16509 (AMAZON-02)
1 1 66.117.28.86 15224 (OMNITURE)
52 23
16    104.16.111.33 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
32red.com
www.32red.com
css.32red.com
static.32red.com
2    217.10.139.203 (Camden, United Kingdom)

ASN6908 (DATAHOP Datahop - Six Degrees, GB)
PTR: services.postcodeanywhere.co.uk
services.postcodeanywhere.co.uk
5    2a00:1450:4001:824::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    184.31.82.148 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a184-31-82-148.deploy.static.akamaitechnologies.com
static.atgsvcs.com
2    52.212.164.25 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-212-164-25.eu-west-1.compute.amazonaws.com
c1.adalyser.com
2    152.199.23.241 (United States)

ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US)
tags.tiqcdn.com
2    147.154.106.232 (Seattle, United States)

ASN31898 (ORACLE-BMC-31898 - Oracle Corporation, US)
rules.atgsvcs.com
3    2a00:1450:4001:825::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
2    172.217.23.166 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f166.1e100.net
5807549.fls.doubleclick.net
1    2606:4700::6813:9308 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
script.crazyegg.com
2    2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net
3    37.157.4.41 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    37.252.173.38 (Ascension Island)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
1    151.101.112.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY - Fastly, US)
static.ads-twitter.com
2    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    104.244.42.197 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
2    2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com
2    63.35.240.22 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-35-240-22.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    104.17.208.240 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
zn5anr1yufr0fxp8n-32red.siteintercept.qualtrics.com
1    104.244.42.67 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
analytics.twitter.com
2    34.241.149.220 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-34-241-149-220.eu-west-1.compute.amazonaws.com
unibet.demdex.net
1    52.31.190.58 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-31-190-58.eu-west-1.compute.amazonaws.com
unibetlondonltd.d3.sc.omtrdc.net
1    66.117.28.86 (United States)

ASN15224 (OMNITURE - Adobe Systems Inc., US)
cm.everesttech.net
Domain Requested by
9 css.32red.com www.32red.com
5 www.googletagmanager.com www.32red.com
5 static.32red.com www.32red.com
3 track.adform.net www.32red.com
track.adform.net
3 www.google-analytics.com 1 redirects www.googletagmanager.com
www.32red.com
2 unibet.demdex.net tags.tiqcdn.com
2 dpm.demdex.net tags.tiqcdn.com
2 www.facebook.com www.32red.com
2 stats.g.doubleclick.net www.32red.com
2 secure.adnxs.com 1 redirects www.32red.com
2 connect.facebook.net www.32red.com
connect.facebook.net
2 5807549.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 rules.atgsvcs.com static.atgsvcs.com
2 tags.tiqcdn.com www.32red.com
tags.tiqcdn.com
2 c1.adalyser.com www.32red.com
2 services.postcodeanywhere.co.uk www.32red.com
1 cm.everesttech.net 1 redirects
1 unibetlondonltd.d3.sc.omtrdc.net tags.tiqcdn.com
1 analytics.twitter.com static.ads-twitter.com
1 zn5anr1yufr0fxp8n-32red.siteintercept.qualtrics.com www.32red.com
1 t.co www.32red.com
1 static.ads-twitter.com www.32red.com
1 script.crazyegg.com www.googletagmanager.com
1 static.atgsvcs.com www.32red.com
1 www.32red.com
1 32red.com 1 redirects
52 26
Subject Issuer Validity Valid
*.32red.com
COMODO RSA Organization Validation Secure Server CA		 2017-12-04 -
2020-01-09		 2 years crt.sh
*.postcodeanywhere.co.uk
Sectigo RSA Domain Validation Secure Server CA		 2019-02-18 -
2020-02-23		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
static.atgsvcs.com
DigiCert SHA2 Secure Server CA		 2019-04-24 -
2020-07-23		 a year crt.sh
*.adalyser.com
Thawte RSA CA 2018		 2019-06-04 -
2021-07-07		 2 years crt.sh
*.tiqcdn.com
DigiCert SHA2 Secure Server CA		 2017-10-25 -
2020-05-13		 3 years crt.sh
rules.atgsvcs.com
DigiCert SHA2 Secure Server CA		 2019-09-26 -
2020-09-25		 a year crt.sh
*.doubleclick.net
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
ssl945600.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-20 -
2020-02-26		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2019-09-22 -
2019-12-20		 3 months crt.sh
track.adform.net
DigiCert SHA2 Secure Server CA		 2019-09-16 -
2021-09-20		 2 years crt.sh
*.adnxs.com
DigiCert ECC Secure Server CA		 2019-01-23 -
2021-03-08		 2 years crt.sh
ads-twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-08-14 -
2020-08-18		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-10-10 -
2020-01-02		 3 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2019-04-09 -
2020-04-01		 a year crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
*.qualtrics.com
DigiCert SHA2 Secure Server CA		 2018-10-08 -
2021-01-06		 2 years crt.sh
*.twitter.com
DigiCert SHA2 High Assurance Server CA		 2019-04-09 -
2020-04-01		 a year crt.sh
*.d3.sc.omtrdc.net
DigiCert SHA2 High Assurance Server CA		 2019-04-23 -
2020-04-14		 a year crt.sh

This page contains 3 frames:

Primary Page: https://www.32red.com/
Frame ID: 1F54F3640D3A9F77714C414FEFA1E507
Requests: 67 HTTP requests in this frame

Frame: https://5807549.fls.doubleclick.net/activityi;dc_pre=CPWTwtSht-UCFZGA3godUD8Obg;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=9110020664716;gtm=2wgaa0;auiddc=213944074.1572001426;~oref=https%3A%2F%2Fwww.32red.com%2F
Frame ID: B8590C9B7BDE258BB7672FF9D823E2B4
Requests: 1 HTTP requests in this frame

Frame: https://unibet.demdex.net/dest5.html?d_nsid=0
Frame ID: AA524A26F1C18D2B2E43C53304641FB0
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://32red.com/ HTTP 301
    https://www.32red.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /script\.crazyegg\.com\/pages\/scripts\/\d+\/\d+\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

Page Statistics

52
Requests

100 %
HTTPS

26 %
IPv6

20
Domains

26
Subdomains

23
IPs

8
Countries

1639 kB
Transfer

4490 kB
Size

23
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://32red.com/ HTTP 301
    https://www.32red.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://5807549.fls.doubleclick.net/activityi;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=9110020664716;gtm=2wgaa0;auiddc=213944074.1572001426;~oref=https%3A%2F%2Fwww.32red.com%2F HTTP 302
  • https://5807549.fls.doubleclick.net/activityi;dc_pre=CPWTwtSht-UCFZGA3godUD8Obg;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=9110020664716;gtm=2wgaa0;auiddc=213944074.1572001426;~oref=https%3A%2F%2Fwww.32red.com%2F
Request Chain 46
  • https://secure.adnxs.com/seg?add=14419840&t=1 HTTP 302
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1
Request Chain 48
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2058717713&t=pageview&_s=1&dl=https%3A%2F%2Fwww.32red.com%2F&ul=en-us&de=UTF-8&dt=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1415330317&gjid=413931372&cid=1446007782.1572001426&tid=UA-128674441-1&_gid=610163033.1572001426&_r=1&gtm=2ouaa0&z=833313518 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128674441-1&cid=1446007782.1572001426&jid=1415330317&_gid=610163033.1572001426&gjid=413931372&_v=j79&z=833313518
Request Chain 64
  • https://cm.everesttech.net/cm/dd?d_uuid=31603670739564161773566470651136454673 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XbLWkgAAFD34ajx0

52 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.32red.com/
Redirect Chain
  • https://32red.com/
  • https://www.32red.com/
184 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c9c55e07615141850253bcbc8ba106ce8d19f3fe8b8b21761610029993f6204

Request headers

:method
GET
:authority
www.32red.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
cookie
__cfduid=d23803dc0f8b263143a0f6e1418a453721572001423
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Fri, 25 Oct 2019 11:03:45 GMT
content-type
text/html; charset=UTF-8
set-cookie
CAKEPHP=8q5di2uuv28o3sluu7mqu7p023; path=/; HttpOnly BTAG=DirectRequest; expires=Sun, 24-Nov-2019 11:03:44 GMT; Max-Age=2592000; path=/; domain=.32red.com loadedCategory=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/ loadedCategory=home; path=/ locale=Q2FrZQ%3D%3D.MjE3ZmE2OWFhYjU2Y2RkY2U5ZWIxODgzMzZiMzRmZjkwZjI2Njg4NzQ0NzRkNjU2MGRlYmM1ZWUwOGY0OWZmZD8vGJYsW3lzn4X2IDEHLSvGM3jJWQBmpcPKvnTDVydB; expires=Mon, 25-Nov-2019 11:03:44 GMT; Max-Age=2678399; path=/ Casino=%7B%22first%22%3A380%7D; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
vary
Accept-Encoding,User-Agent,Cookie
access-control-allow-header
X-DEBUGKIT-ID
content-encoding
gzip
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52b3b4a488fcc2d6-FRA

Redirect headers

status
301
date
Fri, 25 Oct 2019 11:03:44 GMT
content-type
text/html; charset=UTF-8
content-length
0
set-cookie
__cfduid=d23803dc0f8b263143a0f6e1418a453721572001423; expires=Sat, 24-Oct-20 11:03:43 GMT; path=/; domain=.32red.com; HttpOnly
location
https://www.32red.com/
cache-control
max-age=172800
expires
Sun, 27 Oct 2019 11:03:44 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
52b3b4a32caec2d6-FRA
application.v1571909443.css
css.32red.com/css/ 		1 MB
348 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/css/application.v1571909443.css
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
121c9a0175c352d0708a97e73fb9d4cadf16a31a4fad6b6cdff373b3ab4d0cf8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
91660
cf-polished
origSize=1263577
status
200
last-modified
Thu, 24 Oct 2019 09:33:47 GMT
server
cloudflare
etag
W/"14085e-1347d9-595a4baf35e28"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Sat, 23 Nov 2019 09:36:05 GMT
cache-control
max-age=2592000
cf-ray
52b3b4abbc2ec2d6-FRA
cf-bgj
minify
address-3.70.css
services.postcodeanywhere.co.uk/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://services.postcodeanywhere.co.uk/css/address-3.70.css
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.10.139.203 Camden, United Kingdom, ASN6908 (DATAHOP Datahop - Six Degrees, GB),
Reverse DNS
services.postcodeanywhere.co.uk
Software
nginx/1.15.7 /
Resource Hash
2e501a81ef18602fe1d3145c6ee37fed3875db15e576ba304a35944da7c918e4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 25 Oct 2019 11:03:45 GMT
Content-Encoding
gzip
Server
nginx/1.15.7
Content-Type
text/css;charset=UTF-8
Cache-Control
public
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
2171
address-3.70.js
services.postcodeanywhere.co.uk/js/ 		216 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://services.postcodeanywhere.co.uk/js/address-3.70.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.10.139.203 Camden, United Kingdom, ASN6908 (DATAHOP Datahop - Six Degrees, GB),
Reverse DNS
services.postcodeanywhere.co.uk
Software
nginx/1.15.7 /
Resource Hash
e199f565b4085ab9409a14430e769dcfd958250580e6bad6ccef168505d27f59

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 25 Oct 2019 11:03:45 GMT
Content-Encoding
gzip
Server
nginx/1.15.7
Content-Type
text/javascript;charset=UTF-8
Cache-Control
public
Connection
keep-alive
X-Robots-Tag
noindex
Content-Length
44244
logo.svg
static.32red.com/img/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.32red.com/img/logo.svg
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
a54e2c42a9f9497b880f571462ea03949ad526e4b5d67e298369f2a775755758

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 21 Nov 2017 09:28:55 GMT
server
cloudflare
age
862222
etag
W/"16070f-9d6-55e7ad4fc4f87"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
cf-ray
52b3b4abcc58c2d6-FRA
expires
Wed, 14 Oct 2020 11:42:00 GMT
highlander-32red.jpg
static.32red.com/img/homepage-header/large/ 		164 KB
164 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.32red.com/img/homepage-header/large/highlander-32red.jpg
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c726077501a0e4834faa1e53604b3cea1da32eec7c16252aa15ff4e3b0342e16

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
cf-cache-status
HIT
age
861453
cf-polished
degrade=85, origSize=681875
status
200
content-length
168049
last-modified
Fri, 18 Jan 2019 11:35:40 GMT
server
cloudflare
etag
"16409a-a6793-57fb9e926c135"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 14 Oct 2020 11:54:50 GMT
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
52b3b4abcc59c2d6-FRA
cf-bgj
imgq:85
hot_wheel.svg
static.32red.com/img/races/ 		14 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.32red.com/img/races/hot_wheel.svg
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f4b88a0e0af9d7c7558abd8832198a957af7b6c614f25d33d7278665949b5e43

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 28 Jan 2019 09:14:23 GMT
server
cloudflare
age
862221
etag
W/"19e68f-378e-580811a4b540c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
cf-ray
52b3b4ac7eb3c2d6-FRA
expires
Wed, 14 Oct 2020 11:42:01 GMT
loader.svg
static.32red.com/img/ 		1014 B
689 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.32red.com/img/loader.svg
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2eee525972c2b03779f3d1d8c8d97559d4de12d40f3aca2f6385cf0f5bed56d

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 25 Sep 2017 12:21:09 GMT
server
cloudflare
age
862221
etag
W/"15fabb-3f6-55a0297f350f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
status
200
cache-control
max-age=31536000
cf-ray
52b3b4ac8ef4c2d6-FRA
expires
Wed, 14 Oct 2020 11:42:01 GMT
framework.v1571909441.js
css.32red.com/js/ 		943 KB
247 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/js/framework.v1571909441.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f616790eef8b646a83c55e7d3adfa639d40adac0b1c21b6c785860898f433dd1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
91660
cf-polished
origSize=965595
status
200
last-modified
Thu, 24 Oct 2019 09:35:07 GMT
server
cloudflare
etag
W/"140a06-ebbdb-595a4bfb8b395"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Sat, 23 Nov 2019 09:36:05 GMT
cache-control
max-age=2592000
cf-ray
52b3b4abeca2c2d6-FRA
cf-bgj
minify
application.v1571909443.js
css.32red.com/js/ 		457 KB
115 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/js/application.v1571909443.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ecf7a7c1c9ffcaebf20096d872df58b59f2a90e1eba050f4e7e2d2ce6612521

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
91660
cf-polished
origSize=468435
status
200
last-modified
Thu, 24 Oct 2019 09:35:07 GMT
server
cloudflare
etag
W/"1409ff-725d3-595a4bfb832ad"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Sat, 23 Nov 2019 09:36:05 GMT
cache-control
max-age=2592000
cf-ray
52b3b4abecb2c2d6-FRA
cf-bgj
minify
general-desktop-main.v1571909442.js
css.32red.com/js/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/js/general-desktop-main.v1571909442.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4563d8bb1d2eea96de62b12cf4af509bfd8f4d6cc792e686cec1b39eaca8e0fb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
cf-cache-status
HIT
age
91302
status
200
last-modified
Thu, 24 Oct 2019 09:33:15 GMT
server
cloudflare
etag
W/"1409de-6bb7-595a4b9160895"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
expires
Sat, 23 Nov 2019 09:42:03 GMT
cache-control
max-age=2592000
cf-ray
52b3b4ac2d6bc2d6-FRA
cf-bgj
minify
js
www.googletagmanager.com/gtag/ 		74 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-128674441-1
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32f6a3e6eaae8dc360e326bed24806f7babc4b9a7ba507f4ed1dedfaf068f768
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
28469
x-xss-protection
0
expires
Fri, 25 Oct 2019 11:03:45 GMT
atgsvcs.js
static.atgsvcs.com/js/ 		73 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.atgsvcs.com/js/atgsvcs.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.31.82.148 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a184-31-82-148.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8c47b10eb38be6e8b77f64bc5b4f09df7d8e406ecb87eb44a3f4c70606a0b5ba

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 25 Oct 2019 11:03:45 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 Jul 2019 15:14:26 GMT
Server
AkamaiNetStorage
ETag
"95123e6e3c3d431160961268271215ca:1562771666.033337"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR NID CUR OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
29487
transparencySprite.png
static.32red.com/img/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.32red.com/img/transparencySprite.png
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
776b862de717732b909590d3ce53c81c9611c3f1c7230a3451b11bb2be48da3a

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://css.32red.com/css/application.v1571909443.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
cf-cache-status
HIT
last-modified
Thu, 16 Nov 2017 13:07:21 GMT
server
cloudflare
age
861450
etag
"15fbc9-f83e-55e194cf07a24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
status
200
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
52b3b4ac9f11c2d6-FRA
content-length
63550
expires
Wed, 14 Oct 2020 11:54:53 GMT
2CD456_0_0.woff2
css.32red.com/fonts/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/fonts/2CD456_0_0.woff2
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
f85d09fb46544e82ca327703c16c54c67e589d5032ed0359919c1d848abb67d5

Request headers

Sec-Fetch-Mode
cors
Referer
https://css.32red.com/css/application.v1571909443.css
Origin
https://www.32red.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
cf-cache-status
HIT
age
862320
status
200
content-length
33110
last-modified
Thu, 10 Oct 2019 14:14:48 GMT
server
cloudflare
etag
"62c82-8156-5948f06272ac2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
52b3b4accdb29ac2-FRA
expires
Wed, 14 Oct 2020 11:31:45 GMT
icomoon.ttf
css.32red.com/fonts/ 		59 KB
59 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/fonts/icomoon.ttf?8gwnqp
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b86ff215fc0a6c452d1e81d54d5151e66abb460af4ca9dbb584d8537bbe3caf6

Request headers

Sec-Fetch-Mode
cors
Referer
https://css.32red.com/css/application.v1571909443.css
Origin
https://www.32red.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
cf-cache-status
HIT
age
862220
status
200
content-length
60076
last-modified
Thu, 10 Oct 2019 14:12:38 GMT
server
cloudflare
etag
"1408cc-eaac-5948efe7035b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-font-ttf
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
52b3b4accdb39ac2-FRA
expires
Wed, 14 Oct 2020 11:33:25 GMT
2CD456_2_0.woff2
css.32red.com/fonts/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/fonts/2CD456_2_0.woff2
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
193a2818e9e3e60e2c86fd3b829327b19843187fba3c7a6d1884c76d5630ff77

Request headers

Sec-Fetch-Mode
cors
Referer
https://css.32red.com/css/application.v1571909443.css
Origin
https://www.32red.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
cf-cache-status
HIT
age
862320
status
200
content-length
32039
last-modified
Thu, 10 Oct 2019 14:07:00 GMT
server
cloudflare
etag
"140854-7d27-5948eea41eed7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
52b3b4accdb89ac2-FRA
expires
Wed, 14 Oct 2020 11:31:45 GMT
2CC0C7_0_0.woff2
css.32red.com/fonts/ 		79 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/fonts/2CC0C7_0_0.woff2
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6c3a97a5a40c904545643ebf17942c5e31999c8fd25de6d972bdb4bfc722ca4

Request headers

Sec-Fetch-Mode
cors
Referer
https://css.32red.com/css/application.v1571909443.css
Origin
https://www.32red.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
cf-cache-status
HIT
age
862320
status
200
content-length
81152
last-modified
Thu, 10 Oct 2019 14:06:59 GMT
server
cloudflare
etag
"140845-13d00-5948eea40ed06"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
52b3b4accdb59ac2-FRA
expires
Wed, 14 Oct 2020 11:31:45 GMT
fontawesome-webfont.woff2
css.32red.com/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://css.32red.com/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.16.111.33 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Sec-Fetch-Mode
cors
Referer
https://css.32red.com/css/application.v1571909443.css
Origin
https://www.32red.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
cf-cache-status
HIT
age
862220
status
200
content-length
77160
last-modified
Thu, 10 Oct 2019 14:09:28 GMT
server
cloudflare
etag
"140192-12d68-5948ef31ae146"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
cf-ray
52b3b4accdb49ac2-FRA
expires
Wed, 14 Oct 2020 11:33:25 GMT
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ad91bc56e802c6fb8ad369737ac0a130e0a499d410a4c00edf0996aeb2e1280

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3908f39229b0d50edd744c9c3025cb55465f66a6c2c3c61fb15830a6ad1aa7f2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e7786d13cb705435a677eec510c699e4ad381dd936638815c19ef27b28eb8bb1

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9bef384855f383317b1fdc195dbca645cd11c71baef5140d457f2f6eafa84dd5

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
595ccda4303e8b0ff3415aa12bd620eebe434c48a4c3ebaf825c544fcfe0614d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9677a9eb54e83b23c5d6b6938ac3b697ec9d025816d21da56c72f3bcf4735de6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c58581f14d33cd1d7c0a0c399ec373046cc4a10373ddceed6ef5d068ce2917aa

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3e98bd1bfcea80893f7a6f36aea254fdab4a1982c7511cfa406dd79f51da7513

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5fa92d7ef514a7e90a078083fd3bc01237736a88544a25a41c0ebb1f5d3dc9b6

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6a15b56b3ab11e5c2a9744c7e7965c5edc19881eb50dcb605d2a489d649d2f63

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d0448b0f29df3226d9612bdf00fd4e1b8b54b40d166870edc13622f1f5fd8ab3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
220dfc78f32ca158058a7d27afeed3ea36816538baf391dbe6aae3af9f77fd6d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a7392ff19107f054658ad2eaea2e7628f5a265cc7c09a94c5fdb19db6739c91b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c05a2b5ca4d672bc37d8abaa2f5f9958cc0484199c6fffd012615e328278822c

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f7d30d50c8bd1a098e213d2798fdbef78e34b752fd852beccc94229ab074a55d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
80a5f94a201ad353f364deeb6bdc6c3454f85503b58d1e74055fe1f1a605abc2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/jpg
truncated
/ 		16 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3db39cbed2bf88aad2a271b3687da87409900affc0f4e738e5e7002a578eaecd

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
image/png
gtm.js
www.googletagmanager.com/ 		126 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2e08d1e09fec94ee1fb2655272c4113263add5d9e8401019ce62145f67a29814
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
br
last-modified
Fri, 25 Oct 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
30157
x-xss-protection
0
expires
Fri, 25 Oct 2019 11:03:45 GMT
adalyser.js
c1.adalyser.com/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c1.adalyser.com/adalyser.js?cid=32red
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.164.25 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-164-25.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
c12bbabd4282966da34b40e0809e4dbc9ce1794d7abf7ed0eeba06d55445adc5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 25 Oct 2019 11:03:45 GMT
Content-Encoding
gzip
ETag
"986f325c316129192ae2125c1f8bc766f0786b24"
X-Powered-By
Express
P3P
CP="ADMa OUR IND DSP NON COR"
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=7200
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript
Access-Control-Allow-Headers
origin, content-type, accept
Content-Length
12239
utag.js
tags.tiqcdn.com/utag/kindred/32red/prod/ 		101 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (lab/4F20) /
Resource Hash
ecac0769bd00c46c35e0e205e4d61f1e82b652a6802828b2444221b615866bd2

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:57 GMT
content-encoding
gzip
last-modified
Thu, 24 Oct 2019 10:02:07 GMT
server
ECAcc (lab/4F20)
etag
"3617512346"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=300
accept-ranges
bytes
content-length
32555
expires
Fri, 25 Oct 2019 11:08:46 GMT
xd.js
rules.atgsvcs.com/EERules/xd/3.0/json/200106309199/ 		84 B
435 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.atgsvcs.com/EERules/xd/3.0/json/200106309199/xd.js
Requested by
Host: static.atgsvcs.com
URL: https://static.atgsvcs.com/js/atgsvcs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.154.106.232 Seattle, United States, ASN31898 (ORACLE-BMC-31898 - Oracle Corporation, US),
Reverse DNS
Software
/
Resource Hash
8770e29c05a2112df8f6222130d62f321e3012d8429e51d0f0ea314c8ae71533

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 25 Oct 2019 11:03:46 GMT
Last-Modified
Wed, 01 May 2013 00:00:00 GMT
Transfer-Encoding
chunked
P3P
CP="NON DSP COR CUR OUR LEG PHY COM",policyref="http://as00.estara.com/w3c/p3p.xml"
Access-Control-Allow-Origin
*
Cache-Control
private
Access-Control-Allow-Credentials
true
Connection
keep-alive
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-128674441-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5351
date
Fri, 25 Oct 2019 09:34:34 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Fri, 25 Oct 2019 11:34:34 GMT
a
www.googletagmanager.com/ 		0
130 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-128674441-1&cv=1&v=3&t=t&pid=197309429&rv=aa0&es=1&e=gtm.js&eid=0&tc=1&z=0
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Oct 2019 11:03:45 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
a
www.googletagmanager.com/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-128674441-1&cv=1&v=3&t=t&pid=197309429&rv=aa0&es=1&e=*&eid=2&tc=1&tr=1gtagua&z=0
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Oct 2019 11:03:45 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activityi;dc_pre=CPWTwtSht-UCFZGA3godUD8Obg;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=9110020664716;gtm=2wgaa0;auiddc=213944074.1572001426;~oref=https%3A%2F%2Fwww.32red.com%2F
5807549.fls.doubleclick.net/ Frame B859
Redirect Chain
  • https://5807549.fls.doubleclick.net/activityi;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=9110020664716;gtm=2wgaa0;auiddc=213944074.1572001426;~oref=https%3A%2F%2Fwww.32red.com%2F?
  • https://5807549.fls.doubleclick.net/activityi;dc_pre=CPWTwtSht-UCFZGA3godUD8Obg;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=9110020664716;gtm=2wgaa0;auiddc=213944074.1572001426;~oref=https%3A%...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://5807549.fls.doubleclick.net/activityi;dc_pre=CPWTwtSht-UCFZGA3godUD8Obg;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=9110020664716;gtm=2wgaa0;auiddc=213944074.1572001426;~oref=https%3A%2F%2Fwww.32red.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.23.166 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
5807549.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CPWTwtSht-UCFZGA3godUD8Obg;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=9110020664716;gtm=2wgaa0;auiddc=213944074.1572001426;~oref=https%3A%2F%2Fwww.32red.com%2F?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://www.32red.com/
accept-encoding
gzip, deflate, br
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.32red.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 25 Oct 2019 11:03:45 GMT
expires
Fri, 25 Oct 2019 11:03:45 GMT
cache-control
private, max-age=0
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
332
x-xss-protection
0
set-cookie
IDE=AHWqTUnZGpwXfhFTcro53wvZRCed0ge4ZO01e9bQMAJOEE3CNqfp33JcP8yqv4xy; expires=Wed, 18-Nov-2020 11:03:45 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000

Redirect headers

status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
date
Fri, 25 Oct 2019 11:03:45 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://5807549.fls.doubleclick.net/activityi;dc_pre=CPWTwtSht-UCFZGA3godUD8Obg;src=5807549;type=imvmedia;cat=vifmxvta;ord=1;num=9110020664716;gtm=2wgaa0;auiddc=213944074.1572001426;~oref=https%3A%2F%2Fwww.32red.com%2F?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 25-Oct-2019 11:18:45 GMT; path=/; domain=.doubleclick.net
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
1462.js
script.crazyegg.com/pages/scripts/0053/ 		155 B
690 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0053/1462.js?436667
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TH6RPB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9308 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
9062a9f58fc5dabed47d72c6df6353566a426b10f0bfef4e2ef5ef948e99a2cc

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
via
1.1 da6337fab5996bd3c6854f4fffffc8f6.cloudfront.net (CloudFront)
cf-cache-status
HIT
age
9988
cf-polished
origSize=156
x-cache
Hit from cloudfront
status
200
content-encoding
gzip
last-modified
Wed, 17 Apr 2019 09:03:58 GMT
server
cloudflare
etag
W/"29985ff32f5baab591782078cf247e31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private, max-age=28800
cf-ray
52b3b4ae9b56cb9c-VIE
x-amz-cf-id
BCH6QlRqME6JipK0dyaBpyjLiGMDoqfldiJ0WslEelNS768HTiittA==
cf-bgj
minify
fbevents.js
connect.facebook.net/en_US/ 		105 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
4a20573a119be08423ad723eee0545a7de9d7aa82c70d901056e68db1c390539
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
23572
x-xss-protection
0
pragma
public
x-fb-debug
bOaYXDZ18vNWy30LGWAiEZjx17C9SN9Jxe+UE/bCXY9H7JTGFehxq5Lvr6PXt3Z6WZs6WZf2Vgj0nDxQq/qA1Q==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Fri, 25 Oct 2019 11:03:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
track.adform.net/serving/scripts/trackpoint/async/ 		76 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/serving/scripts/trackpoint/async/
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
public, max-age=604800
content-type
text/javascript; charset=utf-8
content-length
30712
expires
Fri, 01 Nov 2019 12:03:45 GMT
bounce
secure.adnxs.com/
Redirect Chain
  • https://secure.adnxs.com/seg?add=14419840&t=1
  • https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1
0
1003 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.38 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Oct 2019 11:03:47 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.167:80
AN-X-Request-Uuid
250e5f18-9e98-4ef8-a744-479448dce02b
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/javascript; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 25 Oct 2019 11:03:47 GMT
X-Proxy-Origin
144.76.109.30; 144.76.109.30; 537.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.112:80
AN-X-Request-Uuid
f9fe720e-c01b-4e8e-bf46-45fa5f367c46
Server
nginx/1.13.4
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14419840%26t%3D1
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
uwt.js
static.ads-twitter.com/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.112.157 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
age
10251
x-cache
HIT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200
content-length
1954
x-served-by
cache-hhn4036-HHN
last-modified
Tue, 23 Jan 2018 20:09:00 GMT
x-timer
S1572001426.670175,VS0,VE0
etag
"b7b33882a4f3ffd5cbf07434f3137166+gzip"
vary
Accept-Encoding,Host
content-type
application/javascript; charset=utf-8
via
1.1 varnish
cache-control
no-cache
accept-ranges
bytes
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=2058717713&t=pageview&_s=1&dl=https%3A%2F%2Fwww.32red.com%2F&ul=en-us&de=UTF-8&dt=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128674441-1&cid=1446007782.1572001426&jid=1415330317&_gid=610163033.1572001426&gjid=413931372&_v=j79&z=833313518
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128674441-1&cid=1446007782.1572001426&jid=1415330317&_gid=610163033.1572001426&gjid=413931372&_v=j79&z=833313518
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 25 Oct 2019 11:03:45 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 25 Oct 2019 11:03:45 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-128674441-1&cid=1446007782.1572001426&jid=1415330317&_gid=610163033.1572001426&gjid=413931372&_v=j79&z=833313518
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&a=2058717713&t=pageview&_s=1&dl=https%3A%2F%2Fwww.32red.com%2F&ul=en-us&de=UTF-8&dt=Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YGDAgUAB~&jid=95604626&gjid=326240029&cid=1446007782.1572001426&tid=UA-69848558-1&_gid=610163033.1572001426&gtm=2wgaa0TH6RPB&z=1888606369
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Oct 2019 15:07:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
676562
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/ 		35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-69848558-1&cid=1446007782.1572001426&jid=95604626&gjid=326240029&_gid=610163033.1572001426&_u=YGDAgUAB~&z=1049095248
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Fri, 25 Oct 2019 11:03:45 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
adsct
t.co/i/ 		43 B
449 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nz06m&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
content-length
65
x-xss-protection
0
x-response-time
116
pragma
no-cache
last-modified
Fri, 25 Oct 2019 11:03:45 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
72be25e0fb78eb11f910e8f96daa55a2
x-transaction
00b1857400a7d7cd
expires
Tue, 31 Mar 1981 05:00:00 GMT
278155385876307
connect.facebook.net/signals/config/ 		282 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/278155385876307?v=2.9.8&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
ded85ce42b0c8e7f7c7549ab3e3746ac3943497d25b8d35aa23fb4542f761842
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-23=":443"; ma=3600
content-length
66788
x-xss-protection
0
pragma
public
x-fb-debug
8K3VseuN/8Ok65VgrESyMpkAYe2tqIO+Esy0XnmFp6BrDhQuThjAYO1S2Hgzn90l+TXRbEW2WZGCylzPoippkA==
x-fb-trip-id
1850256238
x-frame-options
DENY
date
Fri, 25 Oct 2019 11:03:45 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
track.adform.net/Serving/TrackPoint/ 		18 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/Serving/TrackPoint/?pm=1365854&ADFPageName=32Red%20Casino%20Homepage%20View&ADFdivider=%7C&ord=887272999768&Set1=en-US%7Cen-US%7C1600x1200%7C24&ADFtpmode=2&loc=https%3A%2F%2Fwww.32red.com%2F
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
213b217235c6551d71dabf8c7b45f3c9e8386deda2e072573708b81cd9a81f99

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
8810
expires
-1
/
www.facebook.com/tr/ 		44 B
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=278155385876307&ev=PageViewGTM&dl=https%3A%2F%2Fwww.32red.com%2F&rl=&if=false&ts=1572001425723&sw=1600&sh=1200&v=2.9.8&r=stable&ec=0&o=30&fbp=fb.1.1572001425722.1600800802&it=1572001425695&coo=false&rqm=GET
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Fri, 25 Oct 2019 11:03:45 GMT
/
track.adform.net/wpf/v2/Fla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7s... 		126 B
612 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/wpf/v2/Fla44j1c.lY5BNvcKyAdMUDFBpBeA0fUm7qKFz0Xnj3wMvsD7z5meTuCUMz_WMXWMYGzXJJIneGffLMC7EZ3QHPBirTYKUowRslzRQqwSM2dFqwomevLNDrhO3f9p_nH1u_eH3BhxUC550ialT0iakiEocEcEJ1w.CxUC541jlS7spjt3Q9cUVlOrXTAxw63UYOKES5jfzmkflFflczl998tp7ppfAaZ6m1CdC5MQjGejuTDRNziCvTDfWocQTPOKSfB6QqgXK_Pmtd0UbUV8afuyPBAhqvnu5yIguaDeyjaY2ftckuyPBDjaY2.rINVQdg4C9e3V4GdI.iLs2dI_AIQjvEodUW2vqCRc7L1eLY6SI5.25.ea1kb9BRcWqrTKz1_y3rjNpp0iJ3A0KFgBFY5BNlrJcNlY52DLrV9BNorW6Tv4pA4.L9.gJ0Nc1lF4XVA4.9gJ.c4elF1eLf4.pwoRbA4.pwoRbA4.90PgJ.c4elF1rfs.6F./serving/trackpoint/?pm=1365854&ADFPageName=32Red+Casino+Homepage+View&ADFdivider=%7c&ord=887272999768&Set1=en-US%7cen-US%7c1600x1200%7c24&ADFtpmode=2&loc=https%3a%2f%2fwww.32red.com%2f&catdt=0
Requested by
Host: track.adform.net
URL: https://track.adform.net/serving/scripts/trackpoint/async/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.41 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
51ae47bf11a24cfcb4b628f5b4dad5bb244fbc512d5f87809564260c8489cd10

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Oct 2019 11:03:45 GMT
content-encoding
gzip
server
nginx
status
200
vary
Accept-Encoding
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
text/javascript; charset=utf-8
content-length
199
expires
-1
p
c1.adalyser.com/tracking/track/v4/ 		43 B
483 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adalyser.com/tracking/track/v4/p?e=lce1&stm=1572001425769&url=https%3A%2F%2Fwww.32red.com%2F&cid=32red&domain=www.32red.com&p=%7B%22a1%22%3A%22Session%22%2C%22et%22%3A1572001425766%2C%22nr%22%3A%22New%22%2C%22cg%22%3A%22Direct%22%2C%22dt%22%3A%22desktop%22%2C%22so%22%3A%22direct%22%2C%22me%22%3A%22none%22%2C%22ca%22%3A%22direct%22%2C%22co%22%3A%22(not%20set)%22%2C%22ke%22%3A%22(not%20set)%22%2C%22vid%22%3A%221%22%2C%22sid%22%3A%22ecf503ac-f64b-40d9-999b-3ad34b45405d%22%2C%22udid%22%3A%225f7e64fc-3bd6-4496-85eb-8cc65eb982c8%22%2C%22cw%22%3A1572001425766%7D&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F74.0.3729.169%20Safari%2F537.36
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.212.164.25 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-212-164-25.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 25 Oct 2019 11:03:45 GMT
ETag
W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
X-Powered-By
Express
P3P
CP="ADMa OUR IND DSP NON COR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
content-type
image/gif
Access-Control-Allow-Headers
origin, content-type, accept
Content-Length
43
Expires
0
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ 		2 B
139 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=kindred/32red/201910240909&cb=1572001426247
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.23.241 , United States, ASN15133 (EDGECAST - MCI Communications Services, Inc. d/b/a Verizon Business, US),
Reverse DNS
Software
ECAcc (frc/8F21) /
Resource Hash
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:04:04 GMT
last-modified
Thu, 14 Apr 2016 16:59:33 GMT
server
ECAcc (frc/8F21)
etag
"2243872957"
x-cache
HIT
content-type
text/javascript
status
200
cache-control
max-age=600
accept-ranges
bytes
content-length
2
expires
Fri, 25 Oct 2019 11:14:04 GMT
id
dpm.demdex.net/ 		737 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=3.1.2&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=F431E3BC5593E3887F000101%40AdobeOrg&d_nsid=0&ts=1572001426269
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.240.22 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-35-240-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
63d371f6064ee46b0dc60e2983fe1b904918e1f675bd98faa6d3bf61fb2ff77f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v049-0dfdb3225.edge-irl1.demdex.com 5.61.0.20191016142200 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
xKuQtANyTkw=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.32red.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
473
Expires
Thu, 01 Jan 1970 00:00:00 GMT
13ABZ8qv4qa7p4_ddHRvuRshMnt9PI7W9S80T9_qUQjm77867EC
rules.atgsvcs.com/EERules/view/rules/3.0/json/200106309199/ 		366 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rules.atgsvcs.com/EERules/view/rules/3.0/json/200106309199/13ABZ8qv4qa7p4_ddHRvuRshMnt9PI7W9S80T9_qUQjm77867EC
Requested by
Host: static.atgsvcs.com
URL: https://static.atgsvcs.com/js/atgsvcs.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
147.154.106.232 Seattle, United States, ASN31898 (ORACLE-BMC-31898 - Oracle Corporation, US),
Reverse DNS
Software
/
Resource Hash
927d4957913d316e939f839c30db85bbcb3a391c241e1e4966ea9e99d73aa926

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.32red.com
Date
Fri, 25 Oct 2019 11:03:46 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Transfer-Encoding
chunked
P3P
CP="NON DSP COR CUR OUR LEG PHY COM",policyref="http://as00.estara.com/w3c/p3p.xml"
/
zn5anr1yufr0fxp8n-32red.siteintercept.qualtrics.com/SIE/ 		60 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://zn5anr1yufr0fxp8n-32red.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_5aNR1yUfR0fxP8N&Q_LOC=https%3A%2F%2Fwww.32red.com%2F&t=1572001426279
Requested by
Host: www.32red.com
URL: https://www.32red.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.17.208.240 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
9f06bfde67966b8f1b585ce21bdd028a473460d896778b5699f13d2fc36e8dac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
39331
cf-polished
origSize=63033
status
200
edge-control
max-age=604800
strict-transport-security
max-age=31536000; includeSubDomains; preload
cf-bgj
minify
server
cloudflare
x-powered-by
Express
etag
W/"f639-EKQRDMUbr8bgmMYpzqwgv4HDUBc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=60, s-maxage=604800
cf-ray
52b3b4b26d60d725-FRA
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
adsct
analytics.twitter.com/i/ 		31 B
382 B 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.twitter.com/i/adsct?p_id=Twitter&p_user_id=0&txn_id=nz06m&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.32red.com%2F
Requested by
Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.67 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_o /
Resource Hash
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status
200, 200 OK
x-twitter-response-tags
BouncerCompliant
strict-transport-security
max-age=631138519
content-length
57
x-xss-protection
0
x-response-time
120
pragma
no-cache
last-modified
Fri, 25 Oct 2019 11:03:46 GMT
server
tsa_o
x-frame-options
SAMEORIGIN
content-type
application/javascript;charset=utf-8
cache-control
no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash
11d7ce5bef5732f048a26ae7a6774f5e
x-transaction
00c500190022744d
expires
Tue, 31 Mar 1981 05:00:00 GMT
Cookie set dest5.html
unibet.demdex.net/ Frame AA52 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://unibet.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.149.220 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-241-149-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
unibet.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site
cross-site
Referer
https://www.32red.com/
Accept-Encoding
gzip, deflate, br
Cookie
demdex=31603670739564161773566470651136454673
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://www.32red.com/

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 23 Oct 2019 16:39:29 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=31603670739564161773566470651136454673;Path=/;Domain=.demdex.net;Expires=Wed, 22-Apr-2020 11:03:46 GMT;Max-Age=15552000
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
AWaWSJ2SRrg=
Content-Length
2764
Connection
keep-alive
id
unibetlondonltd.d3.sc.omtrdc.net/ 		3 B
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://unibetlondonltd.d3.sc.omtrdc.net/id?d_visid_ver=3.1.2&d_fieldgroup=A&mcorgid=F431E3BC5593E3887F000101%40AdobeOrg&mid=31584800990277281703562465911466839434&ts=1572001426308
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.31.190.58 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-31-190-58.eu-west-1.compute.amazonaws.com
Software
jag /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

status
200
date
Fri, 25 Oct 2019 11:03:46 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-64d5676c7b-lbfpq
vary
Origin
x-c
master-1047.I1d1c81.M0-302
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.32red.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript
content-length
3
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=XbLWkgAAFD34ajx0
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=31603670739564161773566470651136454673
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=XbLWkgAAFD34ajx0
42 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XbLWkgAAFD34ajx0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.240.22 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-35-240-22.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS
dcs-prod-irl1-v049-01c204641.edge-irl1.demdex.com 5.61.0.20191016142200 3ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
pkC84Pl8TrM=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
42
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date
Fri, 25 Oct 2019 11:03:45 GMT
Server
AMO-cookiemap/1.1
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XbLWkgAAFD34ajx0
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=15,max=100
Content-Length
0
event
unibet.demdex.net/ 		129 B
914 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://unibet.demdex.net/event
Requested by
Host: tags.tiqcdn.com
URL: https://tags.tiqcdn.com/utag/kindred/32red/prod/utag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.241.149.220 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-241-149-220.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7b4696eb69fb04cb6f9492e3552e861a3713da484eaed29a90df9112e3a63eb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v049-0c51039e5.edge-irl1.demdex.com 5.61.0.20191016142200 6ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
4Ai76QenQsA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.32red.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
129
Expires
Thu, 01 Jan 1970 00:00:00 GMT
a
www.googletagmanager.com/ 		0
56 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?id=UA-128674441-1&cv=1&v=3&t=t&pid=197309429&rv=aa0&es=1&e=gtm.load&eid=7&u=C&tc=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 25 Oct 2019 11:03:46 GMT
server
Google Tag Manager
vary
*
content-type
image/gif
status
204
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
151 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=278155385876307&ev=Microdata&dl=https%3A%2F%2Fwww.32red.com%2F&rl=&if=false&ts=1572001427260&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Best%20Online%20Casino%20-%20150%25%20Bonus%20up%20to%20%C2%A3150%20-%20Join%2032Red%20%26%20Play%20Now%22%2C%22meta%3Adescription%22%3A%22Instant%20Payouts.%20Regular%20Free%20Spin%20Offers%20at%2032Red%20Online%20Casino.%20Sign%20up%20to%2032Red.com%20for%20the%20best%20bonuses%2C%20frequent%20special%20offers%20and%20one%20of%20the%20largest%20selections%20of%20casino%20games.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.8&r=stable&ec=1&o=30&fbp=fb.1.1572001425722.1600800802&it=1572001425695&coo=false&es=automatic&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.32red.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 25 Oct 2019 11:03:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
alt-svc
h3-23=":443"; ma=3600
content-length
44
expires
Fri, 25 Oct 2019 11:03:47 GMT

Verdicts & Comments Add Verdict or Comment

271 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| pca function| attachEvent object| Red object| Currencies object| swiftResume object| Util undefined| PTRMF function| $ function| jQuery function| _ object| Backbone object| Marionette object| picturefillCFG function| picturefill boolean| RESPONSIVE_AUTOSIZE boolean| RESPONSIVE_CAROUSEL boolean| RESPONSIVE_CONDITIONAL boolean| RESPONSIVE_DISMISS boolean| RESPONSIVE_DROPDOWN boolean| RESPONSIVE_MODAL boolean| RESPONSIVE_NAVIGATION boolean| RESPONSIVE_TABLE boolean| RESPONSIVE_TABS function| Hammer function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry function| moment object| noUiSlider function| wNumb function| HowlerGlobal object| Howler function| Howl function| Sound object| App function| AppController object| countriesAndState undefined| ResponsivePopoverView undefined| ResetPasswordConfirmationView undefined| CountDownTimerViewIntervalCount undefined| CountDownTimerViewIdCount undefined| CountDownTimerView undefined| ResponsiveModalModel undefined| ResponsiveModalView undefined| PreloaderView undefined| LoginModel undefined| LoginView undefined| LoginStatusView undefined| PostRegisterPromoModel undefined| createRegistrationModelB undefined| ProfitBoostModel undefined| currencyCountries undefined| RegistrationViewB undefined| RegistrationConfirmViewB undefined| createRegistrationModel undefined| RegistrationView undefined| RegistrationConfirmView undefined| RegistrationPostSportRegView undefined| RegistrationPostSportRegViewNonUK undefined| PostRegisterPromoModelV2 undefined| PostRegisterPromoCollectionV2 undefined| createRegistrationModelV2 undefined| RegistrationViewV2 undefined| RegistrationConfirmPromoItem undefined| RegistrationConfirmViewV2 undefined| createAccountModel undefined| myAccountView undefined| GameCategoryModel undefined| GameCategoryCollection undefined| GameModel undefined| GameModelCollection undefined| RTPGameModel undefined| RTPGameCollection undefined| GameMenuItemView undefined| GameMenuView undefined| GameTemplate undefined| GamesCategorySection undefined| GamesCategorySectionCollection undefined| GamesDirectoryCategory undefined| LatestGamesView undefined| FreeGamesView undefined| FreeSpinsHeader undefined| GamesDirectory undefined| responsivePopover undefined| GameplayAreaView undefined| GamePlayerViewLive undefined| GamePlayerView undefined| GiveAwayGamesModel undefined| GiveAwayGamesCollection undefined| GiveAwayGameChildView undefined| GiveAwayGamesCollectionView undefined| ReasonsView undefined| SportsPromoSliderView undefined| SideGamesView undefined| SideGameModel undefined| SideGamesModelCollection undefined| LaunchBankingDesktop function| closeBanking function| closeGameplayerBanking undefined| LaunchTransactionHistory undefined| LaunchPlaycheck undefined| LeaderboardItemView undefined| LeaderboardCompositeView undefined| LeaderboardModel undefined| LeaderboardCollection undefined| RaceItemView undefined| RacesView undefined| CurrencyView undefined| RaceModel undefined| RaceCollection undefined| RaceOverlayView undefined| OngoingRaceView undefined| RaceLeaderboardModel undefined| RaceLeaderboardCollection undefined| RaceLeaderboardItemView undefined| RaceLeaderboardView undefined| RaceStatusView undefined| SportsbookOverlayView undefined| SportsbookOverlayModel undefined| SportsBookNewAccountOverlayView undefined| SportsbookNewAccountOverlayModel undefined| NotificationModel undefined| NotificationModelCollection undefined| NotificationItemView undefined| NotificationsView undefined| PromoCategoryModel undefined| PromoCategoryCollection undefined| PromoModel undefined| PromoModelCollection undefined| PromoPopupPaneView undefined| PromoPopupView undefined| PromoPopupViewNDB undefined| PromoPopupViewNDB_Card undefined| PromoPopupViewBingoNDB undefined| PromotionModel undefined| LoyaltyBoxModel undefined| LoyaltyBoxView undefined| PeekabooModel undefined| PeekabooView undefined| InGameModel undefined| InGameView undefined| InterruptivePopupModel undefined| InterruptivePopupView undefined| AchievementsPromoItem undefined| AchievementsPromoCollection undefined| AchievementsPromoViewItem undefined| AchievementsPromoView undefined| BoostWinsModel undefined| BoostWinsView undefined| GameTemplateViper undefined| LatestGamesViperView undefined| HomepageSlidePromoModel undefined| HomepageSlidePromoCollection undefined| HomepageSlideshowPromotion undefined| slideNumber undefined| HomepageSlideshowImage undefined| HomepageSlideshowImageCollectionView undefined| GeneralLoaderView undefined| PlayerActivityView undefined| SessionReminderView undefined| ExitBannerModel undefined| ExitBannerView undefined| SubscriptionCentreViewItem undefined| SubscriptionCentreModel undefined| DepositLimitViewItem undefined| DepositLimitModel undefined| DocumentVerificationViewItem undefined| DocumentVerificationModel undefined| BalanceModel undefined| BalanceView undefined| UpcomingBingoGamesModel undefined| UpcomingBingoGamesCollection undefined| UpcomingBingoGamesItemView undefined| UpcomingBingoGamesView undefined| UpcomingBingoScheduleItemView undefined| UpcomingBingoGamesScheduleView undefined| UpcomingBingoInGameItemView undefined| UpcomingBingoGamesInGameView undefined| BingoRoomsModel undefined| BingoRoomsCollection undefined| BingoRoomModel undefined| BingoRoomsItemView undefined| BingoRoomView undefined| BingoGameplayAreaView undefined| GameModelBingo undefined| BingoGamePlayerView undefined| BingoAliasModel undefined| BingoAliasView undefined| RegistrationConfirmViewBingo function| launchDocumentVerification function| launchAddressVerification function| redirectBanking function| launchBanking function| launchTransactionHistory function| launchSwift function| setupSearch object| dataLayer undefined| id4ga undefined| tier function| getAppsflyerEvents function| updateDataLayer function| updateAppEvents function| gtag object| GlobalAdalyserNamespace function| adalyserTracker function| fbpixel object| ft_onetag_4626 object| google_tag_manager object| _ATGSvcs object| ATGSvcs object| CleverSet undefined| userFirstName undefined| userLastName undefined| userEmail string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _adftrack function| twq object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| twttr object| Adform object| KJUR object| adf object| CE2 object| fortyone function| adalyserModules function| trackerCore function| rng object| _rnds8 undefined| _rnds function| parse function| unparse function| v1 function| v4 object| _byteToHex object| _hexToByte object| _seedBytes object| _nodeId number| _clockseq number| _lastMSecs number| _lastNSecs function| uuid function| cookie string| queueName function| queue function| sha1 function| api object| mutState object| AdalyserTracker boolean| utag_condload object| utag object| utag_cfg_ovrd object| functions function| Visitor object| s_c_il number| s_c_in number| c string| domainName undefined| eStara_fsguid object| QSI

23 Cookies

Domain/Path Name / Value
.32red.com/ Name: atgRecVisitorId
Value: 13ABZ8qv4qa7p4_ddHRvuRshMnt9PI7W9S80T9_qUQjm77867EC
.32red.com/ Name: xdVisitorId
Value: 13ABZ8qv4qa7p4_ddHRvuRshMnt9PI7W9S80T9_qUQjm77867EC
.32red.com/ Name: s_nr
Value: 1572001426271-New
.doubleclick.net/ Name: IDE
Value: AHWqTUnZGpwXfhFTcro53wvZRCed0ge4ZO01e9bQMAJOEE3CNqfp33JcP8yqv4xy
.32red.com/ Name: __adal_cw
Value: 1572001425766
.32red.com/ Name: __adal_ca
Value: so%3Ddirect%26me%3Dnone%26ca%3Ddirect%26co%3D%28not%2520set%29%26ke%3D%28not%2520set%29
.32red.com/ Name: __adal_id
Value: 5f7e64fc-3bd6-4496-85eb-8cc65eb982c8.1572001426.1.1572001426.1572001426.ecf503ac-f64b-40d9-999b-3ad34b45405d
.32red.com/ Name: _dc_gtm_UA-69848558-1
Value: 1
www.32red.com/ Name: CAKEPHP
Value: 8q5di2uuv28o3sluu7mqu7p023
.32red.com/ Name: _gat_gtag_UA_128674441_1
Value: 1
.32red.com/ Name: AMCV_F431E3BC5593E3887F000101%40AdobeOrg
Value: -330454231%7CMCIDTS%7C18195%7CvVersion%7C3.1.2
.32red.com/ Name: __adal_ses
Value: *
.32red.com/ Name: _fbp
Value: fb.1.1572001425722.1600800802
.32red.com/ Name: _ga
Value: GA1.2.1446007782.1572001426
www.32red.com/ Name: locale
Value: Q2FrZQ%3D%3D.MjE3ZmE2OWFhYjU2Y2RkY2U5ZWIxODgzMzZiMzRmZjkwZjI2Njg4NzQ0NzRkNjU2MGRlYmM1ZWUwOGY0OWZmZD8vGJYsW3lzn4X2IDEHLSvGM3jJWQBmpcPKvnTDVydB
.32red.com/ Name: _gid
Value: GA1.2.610163033.1572001426
.32red.com/ Name: _gcl_au
Value: 1.1.213944074.1572001426
.32red.com/ Name: BTAG
Value: DirectRequest
www.32red.com/ Name: surveyLogin
Value: false
.32red.com/ Name: utag_main
Value: v_id:016e02962b370019dff09480a21400079001607100b08$_sn:1$_se:1$_ss:1$_st:1572003226235$ses_id:1572001426235%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:32red.com
www.32red.com/ Name: Casino
Value: %7B%22first%22%3A380%7D
www.32red.com/ Name: loadedCategory
Value: home
.32red.com/ Name: __cfduid
Value: d23803dc0f8b263143a0f6e1418a453721572001423

1 Console Messages

Source Level URL
Text
console-api warning URL: https://connect.facebook.net/en_US/fbevents.js(Line 23)
Message:
[Facebook Pixel] - You are sending a non-standard event 'PageViewGTM'. The preferred way to send these events is using trackCustom. See 'https://developers.facebook.com/docs/ads-for-websites/pixel-events/#events' for more information.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32red.com
5807549.fls.doubleclick.net
analytics.twitter.com
c1.adalyser.com
cm.everesttech.net
connect.facebook.net
css.32red.com
dpm.demdex.net
rules.atgsvcs.com
script.crazyegg.com
secure.adnxs.com
services.postcodeanywhere.co.uk
static.32red.com
static.ads-twitter.com
static.atgsvcs.com
stats.g.doubleclick.net
t.co
tags.tiqcdn.com
track.adform.net
unibet.demdex.net
unibetlondonltd.d3.sc.omtrdc.net
www.32red.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
zn5anr1yufr0fxp8n-32red.siteintercept.qualtrics.com
104.16.111.33
104.17.208.240
104.244.42.197
104.244.42.67
147.154.106.232
151.101.112.157
152.199.23.241
172.217.23.166
184.31.82.148
217.10.139.203
2606:4700::6813:9308
2a00:1450:4001:824::2008
2a00:1450:4001:825::200e
2a00:1450:400c:c04::9c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.241.149.220
37.157.4.41
37.252.173.38
52.212.164.25
52.31.190.58
63.35.240.22
66.117.28.86
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
121c9a0175c352d0708a97e73fb9d4cadf16a31a4fad6b6cdff373b3ab4d0cf8
193a2818e9e3e60e2c86fd3b829327b19843187fba3c7a6d1884c76d5630ff77
213b217235c6551d71dabf8c7b45f3c9e8386deda2e072573708b81cd9a81f99
220dfc78f32ca158058a7d27afeed3ea36816538baf391dbe6aae3af9f77fd6d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e08d1e09fec94ee1fb2655272c4113263add5d9e8401019ce62145f67a29814
2e501a81ef18602fe1d3145c6ee37fed3875db15e576ba304a35944da7c918e4
319949c8c08b86e9c35ea542c0dc0c30cedaa9b8d3d3c3327a36c91aefbd8af5
32f6a3e6eaae8dc360e326bed24806f7babc4b9a7ba507f4ed1dedfaf068f768
3908f39229b0d50edd744c9c3025cb55465f66a6c2c3c61fb15830a6ad1aa7f2
3ad91bc56e802c6fb8ad369737ac0a130e0a499d410a4c00edf0996aeb2e1280
3db39cbed2bf88aad2a271b3687da87409900affc0f4e738e5e7002a578eaecd
3e98bd1bfcea80893f7a6f36aea254fdab4a1982c7511cfa406dd79f51da7513
4563d8bb1d2eea96de62b12cf4af509bfd8f4d6cc792e686cec1b39eaca8e0fb
4a20573a119be08423ad723eee0545a7de9d7aa82c70d901056e68db1c390539
51ae47bf11a24cfcb4b628f5b4dad5bb244fbc512d5f87809564260c8489cd10
595ccda4303e8b0ff3415aa12bd620eebe434c48a4c3ebaf825c544fcfe0614d
5fa92d7ef514a7e90a078083fd3bc01237736a88544a25a41c0ebb1f5d3dc9b6
63d371f6064ee46b0dc60e2983fe1b904918e1f675bd98faa6d3bf61fb2ff77f
6a15b56b3ab11e5c2a9744c7e7965c5edc19881eb50dcb605d2a489d649d2f63
776b862de717732b909590d3ce53c81c9611c3f1c7230a3451b11bb2be48da3a
7b4696eb69fb04cb6f9492e3552e861a3713da484eaed29a90df9112e3a63eb6
80a5f94a201ad353f364deeb6bdc6c3454f85503b58d1e74055fe1f1a605abc2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8770e29c05a2112df8f6222130d62f321e3012d8429e51d0f0ea314c8ae71533
8c47b10eb38be6e8b77f64bc5b4f09df7d8e406ecb87eb44a3f4c70606a0b5ba
8c9c55e07615141850253bcbc8ba106ce8d19f3fe8b8b21761610029993f6204
8ecf7a7c1c9ffcaebf20096d872df58b59f2a90e1eba050f4e7e2d2ce6612521
9062a9f58fc5dabed47d72c6df6353566a426b10f0bfef4e2ef5ef948e99a2cc
927d4957913d316e939f839c30db85bbcb3a391c241e1e4966ea9e99d73aa926
9677a9eb54e83b23c5d6b6938ac3b697ec9d025816d21da56c72f3bcf4735de6
9bef384855f383317b1fdc195dbca645cd11c71baef5140d457f2f6eafa84dd5
9f06bfde67966b8f1b585ce21bdd028a473460d896778b5699f13d2fc36e8dac
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
a54e2c42a9f9497b880f571462ea03949ad526e4b5d67e298369f2a775755758
a631e8098179b4b6feaca08bce747cb8b3c53450c3fe30eead2c3f23dd288265
a7392ff19107f054658ad2eaea2e7628f5a265cc7c09a94c5fdb19db6739c91b
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
b86ff215fc0a6c452d1e81d54d5151e66abb460af4ca9dbb584d8537bbe3caf6
c05a2b5ca4d672bc37d8abaa2f5f9958cc0484199c6fffd012615e328278822c
c12bbabd4282966da34b40e0809e4dbc9ce1794d7abf7ed0eeba06d55445adc5
c2eee525972c2b03779f3d1d8c8d97559d4de12d40f3aca2f6385cf0f5bed56d
c58581f14d33cd1d7c0a0c399ec373046cc4a10373ddceed6ef5d068ce2917aa
c726077501a0e4834faa1e53604b3cea1da32eec7c16252aa15ff4e3b0342e16
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d0448b0f29df3226d9612bdf00fd4e1b8b54b40d166870edc13622f1f5fd8ab3
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
ded85ce42b0c8e7f7c7549ab3e3746ac3943497d25b8d35aa23fb4542f761842
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e199f565b4085ab9409a14430e769dcfd958250580e6bad6ccef168505d27f59
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6c3a97a5a40c904545643ebf17942c5e31999c8fd25de6d972bdb4bfc722ca4
e7786d13cb705435a677eec510c699e4ad381dd936638815c19ef27b28eb8bb1
ecac0769bd00c46c35e0e205e4d61f1e82b652a6802828b2444221b615866bd2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4b88a0e0af9d7c7558abd8832198a957af7b6c614f25d33d7278665949b5e43
f616790eef8b646a83c55e7d3adfa639d40adac0b1c21b6c785860898f433dd1
f7d30d50c8bd1a098e213d2798fdbef78e34b752fd852beccc94229ab074a55d
f85d09fb46544e82ca327703c16c54c67e589d5032ed0359919c1d848abb67d5